SCHRAGE  ON  HOW  COLLABORATION  +  COMPETITION  =  INNOVATION  Page 32 


ose 


ENTERPRISE 

SEARCH 

Alignment  and 
compliance  are  just 
two  of  the  benefits  of 
search  optimization 

Page  21 


ERPINIRAQ 

When  your  customers 
are  soldiers,  IT  truly  is 
mission  critical 

Page  54 


BUSINESS  TECHNOLOGY  LEADERSHIP 


Closingyour  books 


smarter  and  faster 


can  be  the  difference 
between  good  and  great 


BY  GALEN  GRUMAN  Page36 

MARCH  15.  2007  |  $9.00  |  CIO.COM 

I — L.t  i.l ;  1  -LJ 


'  - — 


f  M 

□ 

0 

0 

i 

a 

1 

■ 

■ 

■ 

■ 

a 

■ 

1 

B 

S 

S 

| 

a 

St 

i 

mW 

aa 

a 

E 

a 

Els 

m 

E 

E 

a 

E 

fii&aiBEiidiaoE 


WIMC 


Microsoft  " System  Center  is  a  family  of 
IT  management  solutions  (including  Operations 
Manager  and  Systems  Management  Server) 
designed  to  help  you  manage  your  mission- 
critical  enterprise  systems  and  applications. 

Dell™  is  using  System  Center  solutions  to  manage 
13,000  servers  and  100,000  PCs  worldwide. 
That's  big.  See  Dell  and  other  case  studies  88 
at  DesignedForBig.com 


Microsoft 


System  Center 


■  ; 

a  m 

Dl 

1 

I 

a 

p 

in 

■ 

1 

■T 

11 

Bln 

ii’ 

IB 

31 

ii 

II 

■ 

Bi 

BE 

3 

s 

EE 

M  U  *  r 

;  •  ;  .  •  •  . 

V$  -ft ** *  •  . '»  " 

••’•  ’•  •  ,*  f  '■  ",  •»  •  .  / 

>6,"  :‘t  >/••/'>  X  hi,  ■ '  •*'•••,•.  •.  .  ■ 

-  V;;  y,  .  :  •.  Ci;  .  ,  \  •.  * 

Where  do  your  IT  assets  go 
when  you  dispose  of  them? 

□  Landfills  in  third  world  nations 

□  Evidence  rooms  awaiting  litigation 

□  The  grateful  hands  of  identity  thieves 


Intechra  is  the  world  leader  in  IT  asset  recycling.  We  focus 
exclusively  on  eliminating  the  risks  surrounding  data  security, 
compliance,  and  environmental  impact,  while  maximizing 
value  recovery  on  IT  asset  investment  for  businesses  around 
the  world.  Visit  us  at  www.intechra.com/cio  for  more  information 
or  to  schedule  a  meeting. 


intechra 

Waste-free,  Worry-free  IT  Asset  Recycling 


i 


c  2007  Intechra  Inc.  All  rights  reserved. 


■p$$i 


i 


CIO  Larry  Shutz 


berg  says  the  real 


benefit  of  speeding 
Rock-Tenn’s  close 
was  “consolidating 
accounting  by  reduc¬ 
ing  headcount.” 


MARCH  15,  2007  I  VOL/20  I  NO/11 


Columns 


28  A  Matter  of  Scale 

mid-market  Former  mid-market  CIOs 
share  what  it  takes  to  make  the  move  to  a 
larger  organization.  By  Martha  Heller 

32  The  Race  to  Innovation 

business  strategy  While  it  may  seem 
that  competition  and  collaboration  are  at 
odds,  the  most  innovative  IT  shops  find 
a  way  to  blend  the  two  productively. 

By  Michael  Schrage 

64  Five  Things  I've 
Learned 


THE  VOICE  OF  EXPERIENCE 

Jakob  Nielsen,  the  leading  expert  on  Web 
usability,  says  less  is  more  when 
it  comes  to  site  design. 


36  Close  Fast,  Close  Smart 


cover  story  |  i.t. -business  alignment  When  it  comes 
to  closing  the  books,  the  benefits  of  speed  are  undeniable.  And  CIOs 
are  uniquely  positioned  to  help  their  organizations  reap  them. 

By  Galen  Gruman 

46  Your  Hire  Power 

staffing  CIOs  need  to  take  an  active  role  in  recruiting  IT  talent.  But 
before  you  set  out  to  solve  the  staffing  puzzle,  know  the  answers  to  these 
seven  critical  questions.  By  Stephanie  Overby 

54  Supplies  in  Demand 

view  from  the  top  As  the  U.S.  marks  the  start  of  its  fifth  year  in 
Iraq,  Lt.  Gen.  Robert  Dail,  director  of  the  Defense  Logistics  Agency,  is 
placing  IT  at  the  core  of  his  strategy  to  end  the  snafus  and  make  the 
military  supply  organization  more  responsive  to  the  troops. 

By  Allan  Holmes 


COVER  ILLUSTRATION  BY  ANASTASIA  VASILAKIS 


www.cio.com  |  MARCH  15,  2007  3 


In  Every  Issue 


[  finance  ] 


6  From  the  Editor 

CIOs  need  to  think  multidimension- 
ally  when  designing  IT  systems  and 
architectures  for  their  organizations. 

By  Abbie  Lundberg 

8  From  the  CEO 

Business  needs  to  grow  at  the  same 
time  it  controls  costs.  A  neat  leadership 
trick— if  you  can  pull  it  off. 

By  Michael  Friedenberg 

13  Trendlines 

►  Banks  fed  up  after  TJX  breach 

Out  of  the  box:  Modular  data  centers 
Book  review:  Using  analytics  to  out¬ 
smart  your  competitors 
Executives  as  public  leaders 
Skype  looks  to  connect  with  the 
enterprise 

CIOs  learn  the  art  of  productive 
political  infighting 
Encryption:  Preventive  medicine  for 
better  security 

21  Essential  Technology 

A  slew  of  new  enterprise  search  options 
can  be  found  at  every  price,  including 
free.  But  what  do  you  really  need? 

By  Galen  Gruman 

62  Index 


4  MARCH  15,  2007  |  www.cio.com 


It’s  All  About  the  Money 

IT  professionals  like  to  talk  about  leveraging  assets 
and  adding  value,  but  the  business  of  business  is 

making  money.  You  may  have  your  architecture 

down  cold,  but  how  well  do  you  know  your  P&L?  If 
you  want  to  brush  up  on  your  money  skills,  visit  our 
special  Money  issue,  where  you’ll  find  account¬ 
ing  and  financial  resources  and  learn  how  to  talk 

toyourCFO.  Remember:  As  CFOs  love  to  say,  ifyou 
take  care  of  the  nickels,  the  dollars  wil  I  take  care  of 

themselves,  yy  www.cio.com/money 


! 


: 


I 


[  LEADERSHIP  ] 

LIGHTEN  UP! 

Yes,  work  is  hard  and  work  is  earnest, 
but  if  your  employees  are  not  having  fun 
attheir  jobs,  chances  are  they’re  not  doing 
good  work.  How  can  you  introduce  a  bit  of 
levity  into  the  workplace?  For  leaders  and 
managers  it  starts  with  not  taking  yourself 
so  seriously.  Or  so  leadership  columnist 
John  Baldoni  says  in  “Permissionto 
Laugh."  »  www.cio.com/leadership 

[  HALL  OF  FAME  I.T.  ] 

CALL  FOR  NOMINEES 

Celebrating  20  years  of  CIO  and  20  years 
of  IT,  we’re  asking  you  to  nominate  those 
men  and  women  who  have  taken  IT  to  new 
levels  in  order  to  induct  them  into  our  CIO 
Hal  I  of  Fame.  Tel  I  us  why  they  deserve  to 
be  honored.  »  www.cio.com/awards 


[COLLABORATION] 

SUPERSTARS 

Our  newest  blog,  The 

Collaboratory,  by  C.G. 
Lynch,  covers  everything 
from  open  source  to  wikis 
as  business  finds  out  that 
its  customers  are  poten¬ 
tial  superstars.  Find  it  at 
www.blogs.cio.com. 


Right 

now@ 

CIO. 

com 


»  View  from  the  Top:  What  your  CEO  thinks  about  you 
»  Special  Reports:  From  tutorials  to  tales  of  IT  horror 
»  Blogs:  Chris  Koch  versus  Chris  Anderson 
»  CIO  Research:  From  global  security  to  staffing 


CERN  &  ProCurve  Networking 


can  handle  it 


“CERN  uses  ProCurve  Switches  because  . 
we  generate  a  colossal  amount  of  data, 
making  dependability  a  top  priority." 

— David  Foster,  Communication  Systems  Group  Leader,  CERN 

CERN  has  joined  with  ProCurve  to  build  their  network  based 
on  high-performance  security,  reliability  and  flexibility, 
along  with  a  lifetime  warranty.*  From  the  world’s  largest 
applications,  to  a  company-wide  email,  just  think  what 
ProCurve  could  do  for  your  network. 


Get  a  closer  look  at  CERN  and  the 
world’s  biggest  physics  experiment. 
Visit  www.hp.com/go/procurveCERN2. 


For  more  information,  call  (800)  975-7684,  Ref.  Code  CERN2. 


*For  as  long  as  you  own  the  product,  with  next  business  day  advance  replacement 
(available  in  most  countries).  For  details,  refer  to  the  ProCurve  Software  License, 
Warranty  and  Support  booklet  at  http://www.hp.com/rnd/support/warranty/index.htm. 
The  ProCurve  Routing  Switch  9300m  series,  ProCurve  Routing  Switch  9408sl,  ProCurve 
Switch  8100fl  series,  and  the  ProCurve  Access  Control  Server  745wl  have  a  oneyear 
warranty  with  extensions  available. 

©  2006  Hewlett  Packard  Development  Company,  L.P  Photo  ©  CERN. 


’  • 


ProCurve  Networking 

HP  Innovation 

'  ■ 

Part  of  the  12,000  ton  CMS  particle  detector 
at  CERN,  Geneva,  Switzerland. 


JfgfP. 


FROM  THE  EDITOR 


Masters 
of  Space 
and  Time 


CIOs  need  to  think 
multidimensionally  when 
designing  IT  systems 
and  architectures  for  their 
organizations 


MARCH  15,  2007  |  www.cio.com 


The  professional  lives  of  CIOs  have  never  been  simple,  and  they’re  not  getting 
any  simpler.  In  this  issue  it  becomes  clear  that  for  IT  to  fulfill  its  mission,  CIOs  must 
master  such  matters  as  size  and  complexity,  speed,  capacity,  and  even  space  and 
time. 

Martha  Heller,  author  of  our  Career  Strategist  column  (Page  28),  tackles  the  issue 
of  size  and  complexity,  offering  advice  to  CIOs  looking  to  make  the  move  from  mid¬ 
size  companies  to  larger,  more  complicated  organizations.  Her  advice  is  right  on: 
Show  that  your  skills  can  scale;  figure  out  how  influence  and  communication  work 
in  a  more  layered  and  extended  envi- 

Ultimately,  the  CIO's  mission 
is  to  make  sure  the  organiza¬ 
tion  he  or  she  serves  is  as 
flexible,  responsive,  secure 
and  intelligent  as  it  can  be. 
And  that  requires  operating  in 
many  different  dimensions. 


ronment;  think  about  how  you  would 
operate  differently  in  a  more  formal 
management  structure.  Best  of  all,  her 
counsel  is  backed  up  by  the  real-world 
experience  of  three  CIOs  who  have  suc¬ 
cessfully  made  the  transition. 

Our  cover  story,  “Close  Fast,  Close 
Smart,”  by  Galen  Gruman,  beginning 

on  Page  36,  is  an  in-depth  look  at  the  strategic  benefits  of  redesigning  your  organi¬ 
zation’s  financial  processes  in  order  to  close  the  books  faster.  Improvements  of  a  just 
few  days  can  have  a  ripple  effect  throughout  the  business.  They  can  help  business 
executives  identify  problems  and  opportunities  much  earlier;  clarify  the  relation¬ 
ship  of  all  financial  information  so  managers  and  executives  can  do  analysis  outside 
the  box;  and,  by  providing  accurate  filings  more  quickly  than  competitors,  increase 
investor  confidence. 

In  “Your  Hire  Power,”  beginning  on  Page  46,  Senior  Writer  Stephanie  Overby 
addresses  one  of  the  main  challenges  of  an  improving  IT  climate:  As  demand 
increases,  how  do  you  increase  capacity  proportionally?  What  are  the  best  ways  to 
find  and  hold  on  to  scarce  IT  talent?  Overby  explains  why  you  need  a  recruiting 
framework,  offers  tips  for  calculating  compensation  and  answers  the  seven  most 
critical  questions  concerning  finding  and  keeping  the  people  you  need. 

And  as  the  Iraq  war  enters  its  fifth  year,  we  talk  to  Lt.  General  Robert  Dail,  com¬ 
mander  of  the  Defense  Logistics  Agency,  about  how  IT  can  help  overcome  the  chal¬ 
lenges  of  moving  massive  amounts  of  materiel  across  vast  and  daunting  geographies 
(see  Page  54).  Dail  assumed  leadership  of  the  DLA  a  little  over  seven  months  ago,  not 
long  after  the  release  of  reports  that  were  highly  critical  of  the  agency’s  performance 
during  the  early  days  of  the  Iraq  and  Afghanistan  wars.  The  DLA  also  had  been  criti¬ 
cized  by  the  Government  Accountability  Office  for  lax  information  security  practices. 
Dail  believes  that  good  information  and  the  right  systems,  managed  well,  are  the  key 
to  fulfilling  the  Agency’s  critical  mission. 

Ultimately,  the  CIO’s  critical  mission  is  to  make  sure  the  organization  he  or  she 
serves  is  as  flexible,  responsive,  secure  and  intelligent  as  it  can  be.  And  that  requires 
operating  in  many  different  dimensions. 


Abbie  Lundberg,  Editor  in  Chief 

lundberg(a)cio.com 


6 


PHOTO  BY  STEVEN  VOTE 


Our  audiovisual  solutions  are  all  business.  Fully-customized. 
Seamlessly  integrated.  Engineered  using  the  latest  technologies. 
Designed  to  fit  your  company’s  needs,  business  culture,  and 
architectural  vision. 

Training  facilities.  Boardrooms.  Conference  rooms.  Cafeterias.  Kiosks. 
Our  vision  is  infinite,  our  execution  is  unparalleled. 

To  download  your  informative  white  paper  and  enjoy 
a  FREE  cup  of  coffee  on  AVI,  please  visit 
www.aviinc.com/cio 


AVImpact 


Or  set  up  a  consulation  by  calling  toll-free  866.634.7265 


Audio  Visual 
Innovations 


BUSINESS  TECHNOLOGY  LEADERSHIP 


FROM  THE  CEO 


president  and  ceo  Michael  Friedenberg 
publisher  Gary  J.  Beach 


I T  Ta  kes  Two 

Business  needs  to  grow  while  controlling  costs.  A  neat 
leadership  trick— if  you  can  pull  it  off. 

I  recently  read  an  interview  with  GE  CEO  Jeffrey 
Immelt,  and  it  was  fascinating  to  get  his  perspective 
on  what  types  of  leadership  skills  are  essential  to  suc¬ 
ceed  in  today’s  tumultuous  business  climate.  Immelt 
says  that  today’s  leaders  need  to  be  “ambidextrous” 
in  order  to  survive  and  thrive.  What  he  means  is  that 
they  must  be  able  to  deliver  growth  with  one  hand 
while  controlling  costs  with  the  other— all  the  while 
sustaining  a  high  level  of  excellence  at  both. 

Sounds  easy,  right? 

As  a  message  to  the  CIO  community,  Immelt’s  analysis  could  not  be  more  timely. 
The  CIO’s  long-established  mission  of  aligning  business  and  technology  goals  is  just 
not  enough  any  more.  Business  is  looking  for  transformation.  And  for  that  to  occur, 
it  needs  the  ambidextrous  leadership  Immelt  describes.  Without  the  ability  to  grow 
within  a  financially  responsible  matrix,  business  success  becomes  an  ever-receding 
goal.  If  CIOs  can’t  meet  this  challenge,  if  they  don’t,  in  fact,  take  the  lead  (and  as  I  said, 
it  won’t  be  easy),  then,  as  I  predicted  ( www.cio.com/archive/01lS07/ceo.html ),  2007 
could  be  a  year  where  CIO  turnover  increases  for  the  first  time  in  about  four  years. 

So,  how  can  CIOs  learn  to  walk  this  tightrope? 

Jim  Collins,  author  of  Built  to  Last  and  Good  to  Great,  has  championed  the  need 
for  companies  to  learn  from  others  in  order  to  achieve  greatness.  Now  he’s  studying 
how  greatness  can  be  lost  (why  some  fall  from  great  to  good)  and  how  companies 
can  sustain  greatness  even  in  the  face  of  disruption.  Leadership  sits  at  the  core  of  his 
findings,  and  he  will  be  sharing  his  perspectives  at  the  upcoming  CIO  Leadership 
Conference,  April  29  to  May  1.  You  can  find  more  information  about  the  conference 
at  www.cio.com/leader_2007 . 

Along  with  Collins,  we’ll  be  joined  by  CIOs  working  to  meet  the  new  demands  of 
leadership,  such  as  P&G’s  Robert  Scott,  SanDisk’s  Cecelia  Claudio,  Lockheed  Martin’s 
Joseph  Cleveland,  H&R  Block’s  Marc  West,  Chevron’s  Louis  Ehrlich  and  many  more. 
I  sincerely  hope  that  you  can  attend  so  we  can  learn  from  one  another  and  learn  how 
to  use  both  hands  to  become  ambidextrous  leaders. 

See  you  there. 


ICXO  MEDIA 

CIRCULATION 

svp,  circulation  Carol  A.  Spach 
subscription  sves.  supervisor  Tina  Pescaro 

CIO  EXECUTIVE  COUNCIL 

GENERAL  MANAGER  Mark  Hall 

managing  director,  program  services  Shaw  Lively 
vp,  development  Dexter  Siglin 
managing  dir.,  content  development  Richard  Pastore 
dir.,  external  relations  Karen  Fogerty 
director  of  research  Michael  Swenson 
marketing  communications  manager  Jennifer  Baker 
director  of  development  Steve  Rovmak 
senior  program  managers  Bill  Golden.  Carrie  Mathews 

PROGRAM  SERVICES  MANAGERS 

Michael  Fahlsing,  Ellen  Friedman. 

Bill  Roche,  Janet  Williams 
program  specialists  Lisa  Desmarais.  Susan  Hupp 
development  managers 
Patrick  Clarke.  Lauren  DeLong.  Steve  Dodman. 
John  Harrison.  Kathy  Mayer 
development  associate  Kristin  Bradshaw 

EXECUTIVE  PROGRAMS 

vp.  executive  programs  Ellen  Daly 
dir.,  business  development  John  Vulopas 
dir.,  event  marketing  Mary  Conroy 
dir.,  event  operations  Deb  Begreen 
senior  conference  producer  Judith  Kittredge 
event  planner  Sarah  Reagan 
event  coordinator  Bethany  Whiffin 
client  services  specialist  Cress  O'Brien 
client  relations  associate  Erica  Foster 
sales  associate  Nicole  Blackburn 

INFORMATION  SYSTEMS 

IiDG  dir.  of  information  services  Nancy  Newkirk 
i.t.  manager  Sean  McCracken 

SENIOR  USER  SUPPORT  SPECIALISTS 

Christopher  A.  Kay,  Thomas  Lupien 

I  user  services  specialist  Gloria  Lam 

associate  user  support  specialist  James  Brevard 
senior  web  developer  David  Cohen 
web  developer  Sanghee  Seo 

(PRODUCTION 

vp,  manufacturing  Chris  Cuoco 
production  manager  Heidi  Broadley 
associate  production  manager  Lisa  M.  Stevenson 

I  MARKETING 

SR.  DIRECTOR.  MARKETING  COMM.  Sue  Yanovitch 
sr.  marketing  comm,  specialist  Susan  Murray 
marketing  comm,  specialist  Lynn  Holmlund 

RESEARCH 

research  manager  Carolyn  Johnson 
senior  research  analyst  Seanna  Maguire 

ADMINISTRATION 

coo  Matt  Smith 

dir.,  finance  Margarita  Chiango 

SENIOR  FINANCIAL  ANALYST,  ONLINE  AND 

integrated  products  Chris  Bernardi 
executive  assistant  to  the  president  Diane  Martin 
accounting  specialist  Joyce  Gillis 
facilities  specialist  John  Kelley 
office  services  coordinator  Mary  E.  Wooldridge 

HUMAN  RESOURCES 

vp.  human  resources  Patricia  Chisholm 


Michael  Friedenberg,  President  and  CEO 

mfriedenberg(a)cio.com 


I  N  C. 


hr  representative  Pauline  Boyle 

INTERNATIONAL  DATA  GROUP 

board  chairman  Patrick  J.  McGovern 

president,  idg  communications  Bob  Carrigan 


PHOTO  BY  CHRISTOPHER  HARTING 


©  CXO  Media  Inc. 


8 


MARCH  15,  2007 


www.cio.com 


©2006  Toshiba  America  Business  Solutions,  Inc.  Electronic  Imaging  Division.  All  rights  reserved 


CFO  &  CIO 


So  happy  together 


Toshiba’s  Encompass™  b  rings  harmony  into  the  boardroom.  Number  crunchers  love  the  fact 
that  they  can  save  up  to  $350  per  employee  per  year  by  eliminating  unnecessary  equipment.  Tech  geeks 
drool  over  the  digital  control  they  get  when  they  can  track  everything  with  the  click  of  a  button. 

It’s  not  world  peace,  but  it’s  a  start.  LetTheHarmonyBegin.com 


TOSHIBA 

Don't  copy.  Lead.* 


BUSINESS  TECHNOLOGY  LEADERSHIP 


WHAT  WE  COVER,  WHOM  TO  CONTACT 


president  and  ceo  Michael  Friedenberg 
publisher  Gary  J.  Beach 

EDITORIAL 

editor  in  chief  Abbie  Lundberg 
editor  David  Rosenbaum 

EXECUTIVE  EDITORS 

Christopher  Koch,  Elana  Varon 

TECHNOLOGY  EDITOR 

Laurianne  McLaughlin 

SENIOR  EDITORS 

Stephanie  Gelston,  Stephanie  Overby, 

Ben  Worthen 

SENIOR  WRITER 

Thomas  Wailgum 

ASSISTANT  MANAGING  EDITOR 

Emily  S.  Henderson 

senior  copy  editor  Cathy  Mallen 
copy  editor  Susan  Bryant-Still 

RESEARCH  SPECIALIST  AND  REPORTER 

Margaret  Locher 

ASSOCIATE  STAFF  WRITERS 

Christopher  Lynch,  Katherine  Walsh 

EDITORIAL  ADMINISTRATOR 

Jill  Paquette 

CONTRIBUTORS 

Lauren  Capotosto,  Galen  Gruman, 
Martha  Heller,  Allan  Holmes,  Robert  McMillan, 
Robert  Mullins,  Michael  Schrage 

DESIGN 

EXECUTIVE  DIRECTOR,  ART  AND  DESIGN 

Mary  Lester 

art  director  Terri  Haas 

ASSOCIATE  ART  DIRECTORS 

Matthew  Goebel,  Chandra  Tallman 

ONLINE  EDITORIAL 

ONLINE  EDITORIAL  DIRECTOR 

Christopher  Lindquist 

SENIOR  ONLINE  EDITORS 

Sandy  Kendall,  Meridith  Levinson, 
Shawna  McAlearney,  Esther  Schindler 

associate  online  editor  Diann  Daniel 
ONLINE  NEWS  WRITER  Al  SaCCO 
online  copy  editor  David  Gradijan 

RESEARCH 

research  manager  Carolyn  Johnson 
senior  research  analyst  Seanna  Maguire 


% 

CXO\  MEDIA  INC. 


INTERNATIONAL  DATA  GROUP 
board  chairman  Patrick  J.  McGovern 

president,  idg  communications  Bob  Carrigan 


fl-BPA 

©CXO  Media  Inc. 


CIO  CAREER 

■  Professional  Development 

■  Personal  Development 

Stephanie  Gelston,  sgelston@cio.com 
Meridith  Levinson,  mlevinson@cio.com 

LEADERSHIP  &  MANAGEMENT 

■  Governance  &  Alignment 

■  Budget  Management  &  IT  Value 

■  Business  Process  Redesign 

■  Management  Methodologies 

Christopher  Koch,  ckoch@cio.com 
Elana  Varon.  evaron@cio.com 

SOURCING  &  STAFFING 

Stephanie  Gelston,  sgelston@cio.com 
Stephanie  Overby,  soverby@cio.com 

ENTERPRISE 

INFRASTRUCTURE 

■  Enterprise  Architecture,  SOA 

■  Middleware 

■  Enterprise  Resource  Management  (ERP) 

■  Supply  Chain  Management  (SCM) 

Christopher  Koch,  ckoch@cio.com 
Thomas  Wailgum,  twailgum@cio.com 
Ben  Worthen,  bworthen@cio.com 


Book  Reviews 

Laurianne  McLaughlin,  lmclaughlin@cio.com 

By  the  Numbers 

Laurianne  McLaughlin,  lmclaughlin@cio.com 

Endlines 

David  Rosenbaum,  drosenbaum@cio.com 

Essential  Technology 

Laurianne  McLaughlin,  lmclaughlin@cio.com 

Forum 

David  Rosenbaum,  drosenbaum@cio.com 

In  Box 

Cathy  Mallen,  cmallen@cio.com 

Jerry  Gregoire:  CIO  Confidential 

Abbie  Lundberg,  lundberg@cio.com 


TECHNOLOGY 

■  Emerging  Technology 

■  Networking  &  Communications 

■  Data  Center 

■  Hardware 

■  Knowledge  Management  &  Search 

■  Storage  &  Virtualization 

Laurianne  McLaughlin,  lmclaughlin@cio.com 
Thomas  Wailgum,  twailgum@cio.com 

WIRELESS/MOBILITY 

Thomas  Wailgum,  twailgum@cio.com 

BUSINESS  INTELLIGENCE 

Stephanie  Gelston,  sgelston@cio.com 

CUSTOMER-FACING  SYSTEMS 

Katherine  Walsh,  kwalsh@cio.com 

SECURITY  &  PRIVACY 

■  Business  Continuity 

■  Compliance 

Christopher  Lynch,  clynch@cio.com 


Martha  Heller:  Career  Strategist 

Stephanie  Gelston.  sgelston@cio.com 

Michael  Schrage:  Making  IT  Work 

Abbie  Lundberg,  lundberg@cio.com 

On  the  Move 

Meridith  Levinson,  mlevinson@cio.com 

Susan  Cramm:  Executive  Coach 

Stephanie  Gelston,  sgelston@cio.com 

Think  Tank 

Elana  Varon,  evaron@cio.com 

Trendlines 

Laurianne  McLaughlin,  lmclaughlin@cio.com 


e-mail  letters@cio.com  phone  508  872-0080  fax  508  879-7784  address  CIO  Magazine,  CXO  Media  Inc., 
492  Old  Connecticut  Path,  P.O.  Box  9208,  Framingham,  MA  01701-9208  website  www.cio.com 
subscriber  services  866  354-1125  •  Fax  847  564-9453  •  E-mail  cio@omeda.com  reprint  services 
Keith  Williams  •  PARS  International  •  212  221-9595  ext.  319  •  E-mail  keith.williams@parsintl.com 
rights  and  permission  Yadira  Pizarro  •  212  221-9595  ext.  231  •  E-mail  yadira@parsintl.com 


COLUMN  &  DEPARTMENT  CONTACTS 


10  MARCH  15,  2007  |  www.cio.com 


With  Brocade,  you  have  the  tools, 


control,  and  knowledge  to  create  a 


competitive  edge  for  your  business. 


It’s  time  to  make  your  data  soar. 


BROCADE 


*  r  /  •  r  '•  ■.'>  -.f  m'AMi 

Jr  . 

>cade.com  .  .  v-f  I 

ommunications  Systems,  Inc.  All  R  ghts  Reserved.  Brocade  is  a  registered  trademark  and  the  B-wing  symbol  js  a  trademark  of  Brocade  Communications,  5>ystepi 

■  '.-i  -'tii  l&Wi'&ti'j? 


WWW.DI 

©  2007  Brocadi 


With  complex  businesses,  ^ 

MB|  reliability  is  not  optional 


The  more  critical  the  technology  to  your  business,  the  more  reliable  it 
must  be.  Your  operations  are  more  complicated  than  ever.  Many  users, 
devices  and  locations.  Many  technologies,  needs  and  applications. 
Alcatel-Lucent  delivers  business  solutions  where  downtime  is  not  an  option. 
More  on  business-critical  on  Alcatel-Lucent.com 
Because  the  world  is  always  on. 

Register  to  meet  us  at  Interop  '07 

www.alcatel-lucent.com/interop 

Alcatel-Lucent  & 


EDITED  BY  LAURI ANNE  McLAUGHLIN  NEW  *  HOT  *  UNEXPECTED 


Banks  Strike  Back 


DATA  SECURITY  What 
makes  the  TJX  data  breach  dif¬ 
ferent  from  the  many  that  came 
before  it?  This  marks  one  of  the 
first  times  banks  or  consumers 
have  linked  a  specific  incidence 
of  credit  card  fraud  to  a  security 
breach  at  a  specific  company, 
says  Jim  Lewis,  a  security  expert 
at  the  Center  for  Strategic  and 
International  Studies. 

Plus,  bank  executives  are  fed 
up  and  they  aren’t  going  to  take 
it  anymore. 

That  seemed  to  be  the  mes¬ 
sage  delivered  by  the  financial 
community  in  the  wake  of  the 
security  breach  announced  by 


TJX  in  January.  TJX,  the  Framing¬ 
ham,  Mass.,  parent  company 
of  discount  stores  including  TJ 
Maxx  and  Marshalls,  revealed 
that  hackers  had  stolen  an  undis¬ 
closed  number  of  customer  credit 
card  numbers  (estimates  are  in 
the  millions).  The  reaction  to  the 
break-in  was  swift:  The  Massa¬ 
chusetts  Bankers  Association 
said  some  of  its  member  banks 
had  been  able  to  trace  recent 
fraudulent  purchases  on  credit 
cards  to  the  TJX  breach. 

“We  believe  the  financial 
responsibility  for  covering 
losses  because  of  fraud  is  on  the 
company  Continued  on  Page  14 


|  e  i  m  1 1 1 1 1 1  m  1 1 1 1 1 1 1 1 1 1 1 1 1  m  1 1 1 1  m  i  i  m  m  m  m  s  1 1 1 1  s  1 1 1 1  m  m  m  I  m  i  m  m  m  m  i  i  i  m  i  m !  i  m  1 1  i  m  m  i  f  i  i  m  1 1  m  i  1 1 1 1  m  1 1  i  i  i  1 1 1  m 


Data 

Center 

inaBox 

EMERGING  TECH  The 

data  center  at  Bryant  Univer¬ 
sity  developed,  as  many  do, 
on  a  piecemeal  basis.  A  server 
here,  a  server  there,  until  the 
Smithfield,  R.I.,  school  had  78 
servers  and  other  equipment 
scattered  across  its  420- 
acre  campus.  Bryant  is  now 
undertaking  a  $900,000  data 
center  project  using  a  modu¬ 
lar  design— an  idea  it  thinks 
merits  top  grades. 


A  modular  data  center 
features  a  preconfigured  col¬ 
lection  of  servers,  storage 
devices,  and  power  and  cool¬ 
ing  equipment  that  can  be 
quickly  set  up  and  easily  main¬ 
tained  at  a  lower  cost  than  a 
custom-made  data  center. 

If  this  sounds  like  a  far-out 
idea,  considerthat  IBM  and 
Hewlett-Packard  each  have 
modular  data  center  offerings, 
and  by  June,  Sun  Microsys¬ 
tems  is  scheduled  to  make 
available  Project  Blackbox— a 
data  center  assembled  inside 
a  shipping  container  that  can 
be  delivered  to  a  customer 


on  a  truck,  parked  next  to  the 
customer’s  building,  plugged 
in  and  turned  on. 

For  its  part,  Bryant  brought 
in  IBM  and  American  Power 
Conversion,  which  jointly 
build  preconfigured  centers, 
of  approximately  500  to 
1,000  square  feet. 

HP’s  “ship  to  site”  program 
lets  a  customer  make  one 
call  to  order  a  modular  data 
center.  When  a  bank  whose 
branches  were  taken  out  of 
service  by  Hurricane  Katrina 
wanted  a  temporary  branch, 
HP  shipped  a  modular  center 
“with  a  drive-through  window 


and  everything,"  says  Belinda 
Wilson,  executive  director  of 
business  continuity  and  avail¬ 
ability  solutions. 

One  hitch:  While  modular 
data  centers  may  help  cus¬ 
tomers  add  capacity  quickly, 
says  Andreas  Antonopoulos, 
a  senior  vice  president  at 
Nemertes  Research,  they 
don’t  address  the  problem 
of  access  to  electricity,  par¬ 
ticularly  in  urban  areas.  In 
such  locales,  the  local  power 
company  may  not  be  able  to 
deliver  the  necessary  juice, 
Antonopoulos  says. 

-Robert  Mullins 


ILLUSTRATION  BY  PETER  HORVATH 


www.cio.com  |  MARCH  15,  2007  13 


TRENDLINES 


CRUNCH  TIME 

Winning  With  Analytics 


Competing  on  Analytics 

Thomas  Davenport  & 
Jeanne  Harris 
Harvard  Business  School 
Press,  2007,  $29.95 


books  Tom  Davenport  may  be  a 
business  strategy  guru,  but  he's  also  a 
fierce  Boston  Red  Sox  fan.  In  his  new 
book,  Competing  on  Analytics:  The  New 
Science  of  Winning,  written  with  Jeanne 
Harris,  he  notes  that  the  numbers  prove 
pitcher  Pedro  Martinez  should  have 
been  pulled  earlierfrom  the  ill-fated 

game  7  of  the  2003  American  League  Championship  Series.  The  cur¬ 
rent  Red  Sox  organization's  ability  to  crunch  numbers— and  create  new 
recruiting  metrics— fueled  its  2004  World  Series  victory,  he  says.  Could 
your  business  do  the  same— use  analytics  to  outsmart  competitors, 
strengthen  staff  and  optimize  key  business  processes?  You  not  only  can, 
but  you  must,  Davenport  argues. 

Better  business  processes  are  one  of  the  last  ways  to  differentiate  your¬ 
self  from  close  competitors  in  today's  global  economy,  he  states.  Firms 
that  are  successful  analytical  competitors  select  one  or  two  distinct  capa¬ 
bilities— attributes  where  they  outshine  rivals— and  then  apply  extensive 
data  and  systematic  analysis  to  bolster  those  capabilities,  Davenport 
says.  Companies  like  Anheuser-Busch  (which  uses  a  mobile  workforce  to 
feed  data  into  a  closely  held  analytics  system  called  BudNetto  optimize 
beer  sales  across  geographies)  are  provingthe  approach's  value,  he  says. 

Davenport  shares  satisfying  examples  of  how  companies  like  Capital 
One,  Harrah’s  Entertainment,  E.&J.  Gallo  Winery  and  American  Express 
use  analytics  to  create  advantage.  The  second  half  of  the  book,  a  how-to 
guide,  details  getting  started  and  executing.  A  concise  discussion  of  the 
architecture  of  business  intelligence  explains  key  technology  issues. 

As  Davenport  notes,  CIOs  will  shape  the  analytical  future.  Without  a 
consistent,  enterprisewide  approach  to  data  management  and  a  flexible 
Bl  architecture,  a  company  can’t  become  an  analytics  champ. 

-Laurianne  McLaughlin 


CEOs  as  Public  Leaders 


TO  What  role  should  U.S.  business  executives  play  in 

*  shaping  debate  and  encouraging  change  on  societal 
issues  like  education,  health  care  and  foreign  policy? 

CEOs  and  board  members  want  to  see  more  of 
their  peers  take  on  leadership  roles. 


44% 

say  most  executives  should  take  on  a  leadership  role 


6% 

say  most  executives  should  play  no  role 


14% 

say  they  personally  take  a  leadership  role 


SOURCE:  McKirisey  Quarterly 

»  .  5.- 1  •  ;.v  v*'  ,  V  w 


'i  ‘  ;• 

Banks  Strike 

Continued  from  Page  13 

where  the  breach  occurred,”  says  asso¬ 
ciation  spokesman  Bruce  Spitzer.  “This 
is  something  we  are  pursuing.” 

As  are  others.  So  far,  at  least  two 
class-action  lawsuits  have  been  filed 
against  TJX  (one  by  banks  in  Alabama 
and  Ohio,  and  another  by  an  individual 
in  West  Virginia).  The  Massachusetts 
Attorney  General’s  office  is  investigat¬ 
ing  TJX’s  security  practices.  The  suits 
and  investigations  have  altered  the 
security  breach  landscape.  “You  will  see 
banks  start  to  attempt  to  hold  retailers 
and  other  merchants  liable”  for  losses 
on  credit  cards,  says  Behnam  Dayanim, 
a  privacy  attorney  with  Paul,  Hastings, 
Janofsky  &  Walker  in  Washington,  D.C. 

As  CIO,  how  do  you  protect  your 
company  from  a  similar  mess?  The  first 
thing  CIOs  should  do  is  discuss  with 
business  unit  leaders  whether  personal 
information  (such  as  addresses,  driver’s 
license  data  and  Social  Security  num¬ 
bers)  needs  to  be  stored  at  all.  If  there’s 
no  compelling  business  reason  to  keep 
it,  then  the  company  should  discard  it 
after  processing  any  transaction,  be  it 
in  a  brick-and-mortar  store  or  online. 
But  if  the  storage  of  the  information  is 
viewed  as  key  to  increasing  sales  then 
the  firm  must  secure  the  data. 

Encryption  is  one  answer.  The  Cali¬ 
fornia  security  breach  notification  law 
(the  standard  for  such  laws,  which 
requires  businesses  to  notify  customers 
when  personal  data  has  been  exposed) 
permits  companies  to  forgo  notification 
if  the  personal  data  was  encrypted.  But 
use  strong  encryption,  because  lawyers 
can  argue  that  weak  encryption  is  no 
protection  at  all,  Dayanim  warns. 

Finally,  if  you  can  hire  a  third  party 
to  conduct  periodic  security  assess¬ 
ments  and  vulnerability  testing, 
security  experts  say  that  will  go  a  long 
way  toward  convincing  regulators,  as 
well  as  dissuading  lawyers  from  filing 
charges. 

-Allan  Holmes 


14  MARCH  15,  2007  |  www.cio.com 


PHOTO  BOTTOM  BY  MATTHEW  BERGHEISER 


MULTIPLY  SECURITY 
AND  MAXIMIZE  UPTIME. 


INTEL®  VPRO™  TECHNOLOGY  WITH  INTEL®  CORE™2  DUO  PROCESSOR. 

Manage  smarter.  Repair  PCs  or  deploy  security  upgrades  remotely,  even  if  they're  powered  off* 
Automatically  isolate  an  infected  desktop  from  the  network  before  it  infects  other  PCs.  With  64-bit 
capable  Intel  vPro  technology  you  multiply  your  company's  possibilities.  Learn  more  at  intel.com/vPro 

•Intel*  Sve  .agemeni  it.  ;sjy  ieguiies  the  platform  to  have  an  Intel*  AMT -enabled  chipset,  network  hardware  and  software,  connection  with  a-povy.er;soi>t;cf  ,iMj 
•02007  e  C  o  poration  Intel,  t  o  Intel  ago.  Intel  Cote,  the  Intel  Core  logo.  Intel  Leap  ahead..  Intel  vPro  and  the  Intel,  Leap  aheadand  vProJugo  an?  trademark's  Pi  registered  yadeiffl 
or  its  S  .  i  at  m  the  United  i(p  .-.m.  countries.  All  rights  reserved  ,  ■  ■'  •  ’j3 


TRENDLINES 


ilium  miiiiiiiiimmmiimiimiiiimmiiiiimiimimimiimmiiiiiimiiiimiimimimiiiiiiimiiiiiiiiiiiiiiiiiiiimmmiii 

Skype  Connects  With  the  Enterprise 


voip  Skype  says  business 
users  grab  30  percent  of  its 
downloads,  but  is  the  enter¬ 
prise  ready  for  wider  use? 

There  are  many  good  rea¬ 
sons  why  Skype  is  slowly 
making  its  way  into  the 
corporate  world:  It’s  free, 
and  you  can  forget  about 
country  codes,  telephone 
numbers  and  long-distance 
bills.  With  a  mouse  click, 
you’re  talking,  or  even  video- 
conferencing,  with  any 
of  the  170  million  Skype 
users  worldwide.  But  there 
are  also  good  reasons  why 
corporate  IT  views  Skype 
skeptically.  For  starters,  it 
can  be  a  bandwidth  hog. 


Another  problem:  Most 
security  products  don’t 
yet  monitor  Skype  traffic, 
meaning  that  Skype’s  file- 
transfer  capability  may 
make  an  end-run  around 
your  company’s  firewall. 
Now  Skype  is  vying  to 
address  these  concerns. 

Consider  the  case  at 
Holly  Corp.:  The  petroleum 
refiner  blocked  Skype  out¬ 
right  when  it  first  noticed 
employees  sneaking  the 
software  onto  the  corporate 
network  two  years  ago. 

“We  started  noticing  that 
bandwidth  was  not  avail¬ 
able,”  says  Paul  Sheth, 
network  and  systems  lead 


with  Holly,  in  Dallas.  “And 
before  it  started  causing  a 
problem  that  people  would 
notice,  we  blocked  it.” 

Up  until  recently,  pulling 
the  plug  was  the  only  way 
corporate  IT  could  control 
the  software,  but  lately  eBay, 
Skype’s  parent  company, 
has  been  jazzing  up  Skype 
so  that  people  like  Sheth 
will  take  a  second  look. 

In  December,  eBay 
released  a  new  version  of 
Skype  that  gave  outside 
programmers  some  level  of 
control  over  the  software, 
and  those  changes  are 
already  making  Skype  eas¬ 
ier  to  manage.  For  example. 


FaceTime  Communications 
now  sells  software  that  can 
be  used  to  centrally  control 
which  Skype  features  are 
permitted  on  the  network. 

With  FaceTime,  Holly 
can  turn  off  videoconferenc¬ 
ing  at  regional  offices  with 
low  bandwidth,  or  block 
file-sharing  with  Skype. 

Still,  security  remains 
an  issue:  Sheth  says  he 
still  doesn’t  quite  have  the 
level  of  control  over  Skype 
that  he  wants.  “It’s  making 
a  stride  in  the  right  direc¬ 
tion,”  he  says.  “As  far  as 
mass  acceptance,  it  will  still 
be  another  year  or  two  off.” 

-Robert  McMillan 


How  CIOs  Can  Fight  Smart 


v,;Wvv  '  ,'j; 
SktaVv  ■ 


Conflict  is  often  the 
elephant  in  the  room  that  execu¬ 
tives  strive  to  ignore.  But  no  matter 
how  tempting  this  may  be,  avoiding 
conflict  gets  you  nowhere.  CIOs  must 
learn  the  art  of  productive  fighting, 
says  Lynne  Eisaguirre,  author  of  The 
Power  of  a  Good  Fight  and  president 
of  human  resources  consultancy 
Workplaces  That  Work.  Eisaguirre  has 
a  few  tips  for  "eating  the  elephant  bite 
by  bite.” 

Accept  conflict  as  normal.  People 
too  often  associate  conflict  with  dys¬ 
function,  says  Eisaguirre,  but  heated 
discussions  are  necessary  for  business 
success.  “The  main  reason  why  many 
companies  are  not  more  productive 
is  because  they  don’t  know  how  to 
manage  conflict  effectively,”  says 
Eisaguirre.  Great  innovation  requires 
working  through  tough  conversations 
and  making  collaborative  decisions 
with  your  CEO,  CFO  and  IT  staff. 


Be  proactive.  Unresolved  con¬ 
flicts  can  quickly  spiral  out  of  control 
and  require  the  support  of  a  third 
party.  Avoid  this  destructive  path  by 
planning  conflict  resolution  strate¬ 
gies  before  a  blowout  takes  place.  If 
your  company  has  hired  a  new  CEO, 
brainstorm  ahead  of  time  how  you 
will  handle  your  inevitable  first  fight, 
advises  Eisaguirre. 

Harness  your  conflict  manage¬ 
ment  skills.  Effectively  managing 
conflict  takes  practice,  because  it’s 
counterintuitive  to  our  gut  responses. 
When  we  are  in  conflict,  our  instinct 
is  to  go  into  fight  or  flight  mode,  says 
Eisaguirre,  but  neither  approach 
works  well  in  the  workplace.  Partici¬ 
pate  in  a  conflict  training  course,  and 
encourage  your  IT  managers  to  do  the 
same,  she  says. 

Don’t  fight  via  e-mail.  E-mail  is 
useful  for  many  things,  but  resolving 
conflict  is  not  one  of  them.  “People 


S/i  fc 

'it  ...  13* 


V- 


u  * 


say  things  in  e-mail  that  they  would 
never  say  face-to-face.  It  is  important 
to  see  people,  or  at  least  hear  the  tone 
in  someone’s  voice”  during  a  conflict, 
says  Eisaguirre.  So  the  next  time  you 
have  the  urge  to  unload  on  your  CFO  in 
writing,  step  away  from  the  computer. 

-Lauren  Capotosto 


16  MARCH  15,  2007  |  www.cio.com 


PHOTO  BY  TOM  TOMCZYK 


End-to-end  enterprise  reliability. 

Fujitsu  PRIMEQUEST™  Servers.  Proven  reliability  to  span  your  enterprise  needs 


IT 

[j 

Fujitsu  PRIMEQUEST  servers  reflect  our  vast  mainframe  experience  as  well  as  our  deep  commitment  to  reliability. 
With  up  to  32  Intel®  Itanium®  2  Processors  each,  these  powerful,  enterprise-class  servers  will  drive  your  costs  down  by 
using  server  consolidation  to  bridge  the  gap  between  Microsoft®  Windows®  or  Linux®  applications  and  mainframe-class 
scalability,  performance,  and  reliability.  Go  to  us.fujitsu.com/computers/reliability2  for  more  information. 


SYSTEM  MIRROR  fault-immunity  transparently 
guards  against  hardware  errors 


T  H  E 


FUJITSU 


LOWER  TOO  with  integrated  facilities 
that  simplify  administrative  tasks 


Itanium' 2 

inside “ 

t.  »  : '  "  '-‘l  J 

Dual-core. 
Do  more. 


POSSIBILITIES  ARE  INFINITE 


©  2006  Fujitsu  Computer  Systems  Corporation.  All  nghts  lesetved.  Fqrtsu.  tne  Fujitsu  logo  and  PFilMEQUEST  are  tiaoemarks  or  registered  trademarks  ol  Fujitsu  United  in  the  United  States  and  other  countries  mte: 
Insid9  Logo,  Itanium,  and  Itamum  Insrde  are  trademaiks  or  registered  trademarks  of  Intel  Corporation  or  its  subsidiaries  in  the  United  States  and  other  countries.  Microsoft  and  Windows  are  registered  trademark:  or  a 
in  the  United  States  anchor  other  countries.  Unux  is  tne  registered  trademark  of  Unus  Torvalds  in  She  U.S.  arid  other  countries-  All  other  trademarks  mentioned  herein  are  the  property  ot  their  respective  owners 


. T  JR  E  N  D  L 1NE  S 


Encryption  Prescription 

Plan  strategically  to  protect  data  and  avoid  management  hassles 

tf 

security  Every  week,  another  instance  of  a  misplaced  notebook  or  hard 
drive  with  private  customer  data  seems  to  surface.  Why  weren’t  these  drives 
encrypted?  Some  IT  departments  view  encryption  as  a  possible  administration 
hassle— but  that’s  changing.  Enterprises  are  starting  to  build  comprehensive 
encryption  strategies  across  multiple  applications,  using  a  single  platform  to 
ease  management,  according  to  new  data  from  the  Ponemon  Institute. 

Among  768  U.S.  IT  and  business  managers  surveyed  by  Ponemon,  66  per¬ 
cent  say  that  they  use  some  kind  of  encryption  to  mitigate  data  breaches.  Use  of 
encryption  has  increased  by  31  percent  in  the  past  year,  and  more  e-mail  applica¬ 
tions,  file  servers,  mobile  devices  and  laptops  are  using  it,  says  Larry  Ponemon, 
chairman  and  founder  of  the  Ponemon  Institute. 

Although  only  16  percent  of  respondents  say  they  have  an  encryption  strategy 
that’s  enforced  across  the  enterprise,  68  percent  feel  that  having  encryption 
policy  enforcement  across  all  applications  is  important. 

CIOs  need  to  help  business  leaders  understand  why  this  is  a  priority:  “CIOs  are 
the  stewards  of  information,  and  encryption  is  about  securing  the  information 
that  puts  your  organization  most  at  risk,"  Ponemon  says. 

Half  of  the  companies  today  use  encryption  on  an  as-needed  basis,  mean¬ 
ing  it’s  not  mandated.  “Some  organizations  allow  users  to  make  the  decision,” 
Ponemon  says. 

Deploying  encryption  tools  piecemeal  can  strain  IT  departments  with  repeti¬ 
tive  tasks  and  increased  costs,  the  report  says. 

IT  groups  see  the  trouble  coming.  Almost  70  percent  of  respondents  feel  it’s 
important  to  have  an  automated  encryption  enforcement  policy.  For  example, 
an  automated  e-mail  policy  would  kick  in  when  a  user  sends  an  e-mail  that’s  not 
encrypted,  but  which  should  be,  says  Ponemon.  Violations  can  be  tracked  as  well. 

One  way  to  simplify:  An  encryption  platform  solution  lets  IT  manage  multiple 
encryption  applications  from  one  console,  eliminating  redundant  administrative 
tasks  and  reducing  operational  costs.  Eighty-nine  percent  of  respondents  have 
either  started  building  a  platform  approach  or  are  interested  in  one. 


! 

1 


' 


Best 

Practices 


Be  proactive.  Don’t  wait  until 
your  company  data  is  com¬ 
promised  before  you  look  at 
encryption  options.  “CIOs  need 
to  understand  what  information 
creates  the  greatest  risk,”  Larry 
Ponemon  says.  "This  means 
partnering  with  business  units 
to  identify  where  encryption  is 
appropriate," 

Be  comprehensive.  It's  hard 
to  argue  that  you’re  thinking 
strategically  if  you’re  encrypting 
only  individual  applications  and 
missing  a  platform  approach 
(which  lets  you  manage  from  one 
console  and  avoid  redundant 
administrative  chores). 

Use  an  automated  encryp¬ 
tion  policy.  "You  can  have  a 
great  policy,  but  unless  users 
know  you’re  enforcing  it,  it  won’t 
be  effective,”  says  Ponemon. 
“That’s  one  of  the  problems  with 
encryption  historically:  It’s  been 
mandated  on  paper  but  the  com¬ 
pliance  was  less  than  50  percent 
because  no  one  was  watching. 
Now  you  can  watch.” 


Your  Encryption  Strategy 

66%  of  companies  have  some  type  of  encryption  plan: 


I 


But  not  enough  plans  are  automated: 


16%  have  a  plan  enforced  consistently  enterprisewide 
30%  have  a  plan  adjusted  to  application/data  types 
20%  use  a  plan  only  for  certain  sensitive  data 
34%  have  no  plan 


6%  have  an  automated  plan  in  place 


68%  say  an  automated  encryption  policy  is  important 


SOURCE:  Ponemon  Institute 


18  MARCH  15,  2007  |  www.cio.com 


SURE  MY  INFORMATION  NEEDS  ARE  DEMANDING. 

BUT  ISN'T  THAT  YOUR  JOB? 


LET  ACXIOM  HELP  YOU  PRODUCE  MORE.  EFFICIENTLY. 


What  used  to  be  data  requests  have  become  information  needs,  which  lead  to 


intelligence  demands.  But  how  can  you  transform  information  into  intelligence 


without  busting  your  budget?  That's  where  Acxiom  can  help.  We  can  design, 


build  and  operate  a  scalable  IT  infrastructure  that  makes  business  intelligence 

. '  •  .  ' i  ■ ;  i  '  ,  H i  *•  ’•  .jV 

■  •  '  My  <  !  ..;  >•  : ..  v.  •  >  1  ■  " 

a  reality  across  your  enterprise  —  it's  what  we've  been  doing  for  decades  for 


many  of  the  world's  leading  brands.  Find  out  more  about  our  IT  capabilities  at 
www.acxiom.com  or  888-3ACXIOM. 


WE  .MAKE'  INFORMATION  INTELLIGENT 


CUSTOMER  DATA  INTEGRATION  ■  DATA  ■  IT  SERVICES  ■  DIRECT  MARKETING  ■  DIGITAL  ■  RISK  MITIGATION  ■  CONSULTING 


^>2007  AdBom  Corporation.  All  rights  reserved  A(xiom  is  a  registered  trademark  of  Acxiom  Corporation. *WF  MAKE  INFORMATION  INIEIUGENE”  is  a  trademark  of  Acxiom  Corporation. 


INFRASTRUCTURE  LOG 


_DAY  53:  We  have  so  much  information.  Data.  E-mails. 
Web  content.  Video.  But  it’s  scattered  across  the 
business.  We  can’t  find  anything  we  need. 

_Gil  says  he  needs  a  hand.  Alas,  I’m  afraid  of  heights. 

_Day  54:  Here’s  something  more  grounded:  IBM  Information 
Management  middleware.  Now  we  can  access  any  kind  of  info 
and  accurately  deliver  it  to  the  people  or  processes 
that  need  it.  It  gives  us  information  we  can  trust  and 
insights  we  can  act  on  to  deliver  real  business  value. 

_0nce  again,  this  accursed  acrophobia  makes  me  the 
object  of  my  colleagues’  ridicule. 


Take  the  Information  On  Demand  Assessment  at: 

IBM.COM/TAKEBACKCONTROL/INFO 


Information  Management 


IBM  and  the  IBM  logo  are  registered  trademarks  of  International  Bust 


ichines  Corporjjiffon  in  the  United  States  and/or  other  countries.  ©2007  IBM  Corporation.  All  rights  reserved. 


A  slew  of 
new  enterprise 
search  options 
can  be  found 
at  every  price, 
including  free. 
What  do  you 
really  need 
to  discover 
true  value? 


Treasure  Hunt 

BY  GALEN  GRUMAN 

SEARCH  |  Who  wouldn’t  like  to  outgoogle  Google?  Given  the  sophistication  of  today’s 
consumer  search  tools,  many  CIOs  have  users  (and  maybe  even  the  CEO)  banging  on 
the  door  asking  why  valuable  corporate  data  is  still  locked  away  in  various  places  and 
unsearchable.  Trying  to  capitalize  on  this  need,  a  bevy  of  vendors  are  introducing  or 
revamping  enterprise  search  offerings.  Most  recently,  IBM  and  Yahoo  teamed  up  to  cre¬ 
ate  free,  downloadable  enterprise  search  software— the  OmniFind  Yahoo  Edition— to 
compete  with  Google’s  Mini  device  for  enterprise  departments  and  small  to  midsize  busi¬ 
nesses.  (Mini  search  software  comes  in  a  preconfigured  appliance,  starting  at  $1,995.) 

All  the  flavors  of  search  can  be  overwhelming.  But  for  enterprises  hoping  to  improve 
worker  efficiency  and  business  processes,  it’s  vital  to  understand  what  the  current  crop 
of  low-cost,  middle  and  high-end  search  options  can  and  can’t  do. 

The  free  OmniFind  Yahoo  Edition  (designed  by  IBM  to  get  a  foothold  in  the  enterprise 
search  space,  with  the  hope  of  selling  product  upgrades  and  services  later)  certainly  has  its 
limits.  But  Eric  Brierly,  CTO  at  Decision  Critical,  a  company  that  provides  online  access  to 
medical  training  and  continuing-education  programs  for  hospitals,  nurses  and  doctors,  was 
able  to  use  it  for  more  than  just  adding  public  search  capabilities  to  the  company’s  website 
(which  is  how  many  entry-level  search  tools  are  used).  Still,  it  took  some  tweaking. 


ILLUSTRATION  BY  ANASTASIA  VASILAKIS 


www.cio.com  |  MARCH  15,  2007  21 


essential  technology 


TOOLBOX 

Inside  the  Search  Tools 

A  wide  range  of  enterprise  search  tools  now  await  your  consideration.  Most  fall  into 
one  of  four  classes,  notes  Forrester  Research  analyst  Matt  Brown. 

Entry-level:  Usually  starting  at  less  than  $20,000,  these  systems  typically  have 
limited  or  no  security,  can  index  HTML  files  and  file  systems  with  common  busi¬ 
ness  documents,  and  have  vendor-imposed  limits  on  capacity  and  indexing  speed. 
They  also  typically  do  not  support  high  availability,  federation  across  multiple 
indexes  or  features  like  clustering.  Examples  include  Google  Mini,  IBM  OmniFind 
Yahoo  Edition  (free),  Microsoft  SharePoint  2007  for  Search,  the  open-source 
Lucene  and  some  Isys  Search  tools. 

Midlevel:  These  systems  typically  start  between  $20,000  and  $80,000  for  single 
server  configurations,  and  offer  greater  capacity,  high-availability  configurations, 
security,  clustering,  extensive  language  support,  deeper  connectors  into  enterprise 
applications  and  federation.  Examples  include  Google  Search  Appliance  and  tools 
from  Coveo,  IBM,  InQuira,  Isys  Search,  Microsoft,  Oracle,  Recommind,  Vivisimo  and 
ZyLab.  SAP  plans  to  offer  its  own  tool  this  year.  “For  basic  full-text  search,  there’s  not 
terrible  differentiation  among  them— but  at  this  tier  you  start  to  see  vendors  excel  in 
particular  areas,  like  customer  self-help  applications  in  InQuira’s  case,  and  ease  of 
setup  and  administration  in  Vivisimo’s  case,”  Brown  notes. 

High-end:  These  systems  typically  start  at  $80,000,  averaging  several  hun¬ 
dred  thousand  dollars  and  extending  into  millions  of  dollars  for  very  large-scale 
systems.  But  they  provide  massive  scalability,  structured  data  search  and  data 
cleansing  tools,  “fuzzy”  search  to  identify  related  content  and  handle  ambiguous 
terms  within  the  search  context,  taxonomy  management,  data  visualization  tools 
and  integration  with  many  back-end  systems  such  as  database,  ERP  and  CRM  sys¬ 
tems.  Most  of  the  companies  offering  such  tools  have  been  around  for  many  years, 
including  Autonomy,  Convera,  Endeca  Technologies  and  Fast  Search  &  Transfer. 
IBM  has  also  recently  entered  this  market. 

Special-purpose:  These  systems  are  not  distinguished  by  price  or  scale  but  by 
domain  specificity.  For  example,  Nexidia  can  search  audio  files,  say,  for  the  use  of 
competitors'  names  in  customer  service  calls,  to  see  if  a  competitor  is  gaining  trac¬ 
tion  among  customers.  Fios  has  crafted  a  search  engine  for  legal  discovery. 

-G.G. 


Decision  Critical  hosts  training  modules 
for  its  customers;  each  customer  has  access 
rights  to  different  modules  based  on  what 
the  customer  has  licensed  or  provided. 
That  requires  Decision  Critical  to  create 
and  maintain  separate  Web-based  course 
catalogs  for  each  customer.  Brierly  has 
long  wanted  to  simplify  the  maintenance 
of  course  pages  and  their  HTML  links  to 
course  details,  and  give  clients  better  key¬ 
word  searching  options.  When  OmniFind 
Yahoo  came  along  as  a  free  tool,  he  decided 
to  see  if  it  might  solve  his  problems. 

One  key  limitation  of  tools  such  as 
OmniFind  Yahoo  is  that  they  index  only 

Managers 
spenaupto 
two  hours  a  day 
searchingfor 
information, 
and  more  than 
half  of  it  is  of  no 
value  to  them. 

HTML  pages  and  common  document  for¬ 
mats  such  as  Microsoft  Word,  Excel  and 
PowerPoint  documents,  and  Adobe  PDF 
files.  They  can’t  catalog  the  contents  of 
databases,  ERP  systems  or  other  corporate 
information  resources.  Brierly  extended 
the  free  version’s  capabilities  by  creating 
hyperlinks  from  the  HTML  course  “start” 
pages  to  SQL  queries  that  returned  the 
course  details  as  HTML  snippets.  Thus, 
Decision  Critical  tricked  OmniFind  Yahoo 
into  indexing  its  database  content.  One 
result:  “There  are  no  more  broken  links, 
since  each  link  is  based  on  what  the  search 
engine  actually  finds,”  Brierly  says. 

But  this  approach  would  not  work  for 
other  corporate  information  stores,  Bri¬ 
erly  acknowledges.  That’s  just  one  reason 
why  many  enterprises  end  up  using  a 
higher-end  tool  for  mission-critical  search 


needs,  says  Matt  Brown,  a  principal  ana¬ 
lyst  at  Forrester  Research. 

Bad  Search  Costs  You 

For  several  reasons,  CIOs  should  find 
search  investments  easier  to  justify  than 
they  would  have  a  couple  of  years  ago. 
Despite  today’s  sophisticated  IT  efforts, 
many  enterprise  managers  say  simply 
getting  to  the  right  information  can  be 
difficult.  “Enterprises  see  Google  [search 
on  the  Web]  and  say,  ‘I  want  some  of  that.’ 


The  search  box  is  now  a  dominant  method 
of  getting  access  to  data  outside  the  enter¬ 
prise,”  says  Whit  Andrews,  a  research 
vice  president  at  Gartner. 

An  Accenture  survey  released  in 
January  2007  reveals  that  U.S.  and  U.K. 
managers  spend  up  to  two  hours  each 
day  searching  for  information,  and  more 
than  half  the  information  they  obtain  has 
no  value  to  them.  In  addition,  45  percent 
of  respondents  say  it’s  a  big  challenge 
to  gather  information  about  what  other 


22  MARCH  15,  2007  |  www.cio.com 


Autonomy:  Acknowledged  by  Industry  Analysts 
as  the  ‘Clear  leader  in  Enterprise  Search’ 


More  than  80%  of  all  information  inside  an  enterprise  is  now  unstructured  and  this  ‘human-friendly’  information  is 
difficult  for  computers  to  understand  and  use.  That  is,  until  now. 

Autonomy  solves  this  problem. 


Autonomy’s  unique  software  enables  computers  to  understand  the  ideas  contained  in  unstructured  information 
including  emails,  web  pages,  video,  and  audio  -  automatically  and  in  real-time.  Find  out  how  your  enterprise  can 
transform  this  content  into  valuable,  actionable  information  without  human  intervention. 


To  learn  more  about  why  Autonomy  is  the  clear  leader  in  Enterprise  Search,  visit  us  at  www.Autonomy.com  or  call  us 


at  1-877-243-9955. 


Copyright  ©  2006  Autonomy.  All  rights  reserved. 

Other  trademarks  are  registered  trademarks  and  the  properties  of  their  respective  owners. 


essential  technology 


parts  of  the  company  are  doing.  Only  31 
percent  said  that  competitor  information 
is  hard  to  get. 

Another  motivator:  Compliance  require¬ 
ments  are  making  business  and  IT  execu¬ 
tives  seek  tools  to  find  information  quickly 
for  regulatory  filings,  government  inves¬ 
tigations  or  discovery  in  legal  cases,  says 
Forrester’s  Brown.  That’s  resulted  in  spe¬ 
cial-purpose  search  tools  for,  say,  transac¬ 
tion  log  files  and  voice-mail  analysis. 

But  enterprises  should  be  careful 
not  to  adopt  search  in  a  piecemeal  way. 
Brown  advises.  “The  industry  competi¬ 
tion  has  made  it  difficult  for  buyers  to 
have  a  cohesive  strategy.  For  example, 
Google’s  offering  is  designed  to  be  provi¬ 
sioned  by  a  layperson,  so  companies  end 
up  with  a  lot  of  Google  appliances  churn¬ 
ing  away  at  indexing,”  he  says.  (Google’s 
newest  version  of  the  Mini,  2.2,  can  index 
up  to  50,000  documents  in  its  $1,995 
entry-level  version,  or  up  to  300,000 
documents  in  its  top-of-the-line  $8,995 
version.  IBM  OmniFind  Yahoo  Edition 
can  index  up  to  500,000  documents.) 

Besides  wasting  network  resources, 
naive  deployment  of  entry-level  search 
tools  can  both  expose  private  informa- 

Enterprises 
should  be 
careful  not  to 
adopt  search  in 
a  piecemeal 

tion  and  hide  available  documents,  says 
Gartner’s  Andrews.  That’s  because  such 
search  engines  will  scan  all  servers  and 
documents  you  point  them  to,  and  a  server 
may  have  data  that  had  been  secured  by 
obscurity— no  one  knew  it  was  there,  so 
it  was  safe— that  is  now  available  in  the 
search  engine.  And  these  low-cost  engines 
rarely  offer  accounts-based  access  that 
could  restrict  access  to  specific  documents 
based  on  who’s  doing  the  search,  he  says. 


Conversely,  a  naive  setup  could  miss 
some  servers  with  documents  that  you 
want  to  be  accessible. 

Craft  a  Cohesive  Strategy 

A  cohesive  search  strategy  does  not  mean 
that  enterprises  need  to  have  a  single 
search  platform  or  a  single  content  index. 
“It’s  OK  to  have  several  implementa¬ 
tions  for  different  purposes  and  business 
units,”  Brown  says— though  the  enter¬ 
prise  should  map  out  distinct  needs,  to 
ensure  that  information  that  should  be 
widely  accessible  isn’t  mistakenly  com¬ 
partmentalized. 

For  example,  it  makes  sense  to  have 
an  independent  search  engine  for  a  com¬ 
pany’s  public-facing  website,  to  ensure 
that  internal  data  is  not  included,  and  it 
can  make  sense  to  have  specialty  search 
engines  for  log  analysis.  But  it  typically 
doesn’t  make  sense  for  sales  and  customer 
service  to  have  separate  search  platforms, 
since  that  lets  customer  information  fall 
through  the  gaps  of  the  two  systems. 

That  realization  led  Harris,  a  com¬ 
munications  equipment  manufacturing 
company,  to  implement  several  search 
technologies,  each  handling  distinct 
tasks,  says  Janice  Lindsay,  director  of 
supply  chain  management.  For  example, 
Harris  uses  a  Google  search  engine  to 
give  employees  access  to  documents  and 
intranet  HTML  pages,  so  employees  can 
do  quick  searches  on  specific  informa¬ 
tion.  But  when  the  company  decided  to 
use  search  to  help  ensure  that  product 
engineers  and  manufacturing  staff  could 
find  which  parts  had  the  best  prices  and 
highest  quality  ratings  and  which  came 
from  preferred  suppliers,  it  developed  a 
search  platform  using  Endeca’s  high-end 
search  technology. 

That’s  because  the  engineering  search 
needs  to  direct  engineers  and  others  to 
the  best  or  preferred  answers  to  questions 
such  as  “What  components  meet  these 
engineering  requirements?”  The  results 
returned  are  filtered  and  ranked  based  on 
as  many  as  200  criteria,  Lindsay  says.  The 
search  engine  taps  into  ERP,  manufactur- 


Companies 
squander 
up  to  10% 

of  overall 
salary  costs 

to  wasted 

effort, 

because 

employees 

can’tfind 

information. 

SOURCE:  Butler  Group 


ing,  product  design  and  other  systems,  as 
well  as  into  some  supplier  systems  and 
industry  databases  to  have  the  context 
needed  for  the  search  engine’s  rules  to 
make  the  recommendations. 

The  need  to  integrate  with  other  enter¬ 
prise  systems  is  a  sure  pointer  toward 
midrange  and  high-end  search  offerings, 
analysts  Brown  and  Andrews  say. 

Centralize  and  Conquer 

Many  organizations  have  multiple  search 
technologies  in  place,  but  they’re  not 
coordinated.  At  best,  this  wastes  network 
and  IT  resources.  At  worst,  it  results  in  a 
fractured  view  of  information  across  the 
enterprise,  compromising  product  and 
service  quality. 

With  engineers  spread  throughout  the 
world,  engineering  consultancy  Arup 
was  concerned  that  a  team  working  in 
one  office  might  not  know  about  design 
approaches  being  used  in  other  offices, 
creating  uneven  quality  across  locales.  So 
seven  years  ago,  the  company  brought  in 
a  basic  search  engine.  “We  immediately 
drowned  with  information  overload,  and 
people  questioned  the  search  results’  valid- 


24  MARCH  15,  2007  |  www.cio.com 


ADVERTISING  SUPPLEMENT 


CK£lO 

Today's  IT  Leaders  on  Market  Trends 


SECURITY 

MAXIMIZING  INVESTMENTS  FOR  OPTIMAL  RESULTS 


Over  the  last  decade,  CIOs  and  other  exec¬ 
utives  have  witnessed  the  transformation 
of  IT  security  from  an  afterthought  into  a 
mainstream  issue  that  ripples  throughout  the 
enterprise  and  beyond.  In  today’s  networked 
world,  businesses  are  far  more  vulnerable  to 
breaches  in  security,  particularly  as  malicious 
attacks  are  increasingly  launched  with  an  aim 
toward  profiting  from  hijacked  personal  data. 

CIOs  and  IT  decision  makers  are  very 
conscious  of  the  importance  of  security  planning 
as  a  driver  of  business  success,  and  must  confront 
a  litany  of  questions:  “How  vulnerable  is  this 
system ?  Does  it  provide  absolute  protection  for  our 
critical  business  and  customer  data?  Are  my  tech¬ 
nology  vendors  working  to  making  my  environment 
more  secure?  How  much  do  I  have  to  invest  in  my 
business  to  increase  and  improve  overall  security?” 

A  recent  IDG  Research  survey  validates  the  fact 
that  security  is  now  a  primary  business  priority  that 
affects  IT  budgets.  Today,  most  CIOs  peg  their 
security  costs  at  between  1 0  percent  and  20  percent 
of  their  IT  budgets- — and  the  numbers  escalate  if 
compliance  issues  enter  the  picture.  The  study 
involved  in-depth  discussions  about  security  with 
10  CIOs  at  midsize  and  large  companies.  It 
provides  tangible  examples  of  how  IT  executives 
regard  platform  security  and  identifies  their 
highest-priority  security  concerns.  The  study 
found  that: 

•  CIOs  consider  platform  manageability  and 
maturity  two  key  factors  that  influence  IT 
security. 

•  Data  safety  and  protection  are  enormous 
security  concerns. 

•  In  addition  to  investing  in  secure  software 
platforms,  CIOs  realize  the  importance  of 
their  own  commitment  to  consistent  secu¬ 
rity  processes  and  its  role  in  achieving  posi¬ 
tive  results  over  time. 


Today,  many  CIOs  use  data  from  trusted 
sources,  including  the  Mitre  vulnerability  data¬ 
base  (cve.mitre.org)  and  Secunia  (secunia.com), 
which  provide  a  real-world  view  of  how  various 
platforms  compare  from  a  security  vulnerability 
perspective. 

Figure  1  (below)  shows  the  cumulative  secu¬ 
rity  vulnerabilities  tracked  in  the  Secunia  data¬ 
base  for  three  popular  server  operating  systems: 
Microsoft®  Windows  Server™  2003,  Red  Hat 
Enterprise  Linux  3,  and  Red  Hat  Enterprise 
Linux  4.  The  data  shows  that  the 
cumulative  number  of  security  vulnerabilities 
announced  over  the  first  650  days  of  availability 
for  the  three  products  was  approximately  five 
times  higher  for  Red  Hat  Enterprise  Linux  3  and 
4  than  for  Windows  Server  2003. 


350 


Days  Since  Product  Release 

Figure  1.  Total  Vulnerabilities  for  Windows  Server  2003, 
Red  Hat  ES  3  and  Red  Hat  ES  4. 


CIOs  think  broadly  about  the  security  of 
their  firm’s  IT  infrastructure  and  use  similar  data 
to  make  informed  decisions.  They  also  consider 
this  data  alongside  other  platform  attributes,  such 
as  vendor  support,  manageability  and  scalability. 
As  products  encompass  a  greater  number  of 
features  and  the  complexity  of  products  continues 
to  grow,  ease-of-use  requirements  are  magnified. 


Microsoft 


C 1 O  2  C I O  SECURITY  1 


Custom  Solutions  Group 


Source:  Secunia  Vulnerability  Data 
(http://secunia.com),  December  2006 


ADVERTISING  SUPPLEMENT 


Examining  Priorities 

Although  definitions  vary,  most  CIOs  cite  the 
level  of  operating  system  (OS)  vulnerability  and  a 
vendor's  ability  to  include  significant  protection 
in  applications  and  solutions  as  critical  factors  in 
making  decisions  about  products.  While  the  qual¬ 
ity  of  the  software  solution  and  its  manageability 
are  important  aspects  of  security,  CIOs  indicate 
that  they  are  wary  of  unproven  and  complex  secu¬ 
rity  features. 

Data  protection  is  clearly  the  top  priority 
for  CIOs.  This  applies  to  both  external  and  inter¬ 
nal  protection,  as  some  CIOs  cite  network  and 
desktop  access  control  as  an  important  method 
of  protection  from  internal  threats. 

John  Peterson,  CIO  at  Longmont  United 
Hospital  in  Longmont,  Colo.,  explains:  “We 
believe  internal  processes — and  people — pose  a 
greater  threat  than  vulnerabilities  to  the  operat¬ 
ing  systems.  Issues  such  as  what  we  do  internally 
within  our  organization,  how  we  grant  access  to 
applications,  how  we  make  sure  they  have  the 
proper  level  of  access  within  that  application.  If 
they  change  jobs  and  their  roles  change,  how  do 
we  then  make  sure  they  have  access  proper  to 
their  role?” 

He  and  other  CEOs  cite  the  importance  of 
data  protection  in  context  with  regulatory  and 
compliance  issues. 

While  these  security  concerns  appear  to  be 
overarching,  with  the  right  combination  of  tools 
and  proactive  management  businesses  can  mini¬ 
mize  the  risk  of  security  breaches.  Customers  that 
employ  a  Microsoft  Windows®  environment  have 
an  array  of  management  tools  at  their  disposal  to 
efficiently  manage  the  security  of  their  IT  infra¬ 
structure.  For  example,  Active  Directory®  provides 
a  central  repository  of  information  for  all  network 
users  and  infrastructure — including  information 
that’s  used  for  identity  management.  It  comple¬ 
ments  other  tools  such  as  group  policy,  certificate 
management  and  public  key  infrastructure  (PKI). 

Putting  Partnerships  to  Work 

It’s  no  secret  that  CIOs  prefer  widely  available 
and  proven  technology.  And  the  adoption  of  an 
operating  system  is  no  exception.  “From  a  secu¬ 
rity  perspective,  I  tend  to  steer  towards  standards, 
because  I  know  that  they  are  well  tested  and  well 
vetted  by  companies  larger  than  ourselves,”  says 
Dave  Stritzinger,  CIO  at  wireless  provider 
Brightstar  Corp.  in  Miami. 


CIOs  rely  on  vendors  to  keep  current  with 
security  updates  and  patches,  and  they  insist  on 
an  operating  system  that  can  respond  to  an 
attempted  security  breach  and  prevent  damage. 
As  Scott  Cousins,  CIO  at  NCH  Marketing 
Services  in  Deerfield,  Ill.,  puts  it:  “If  somebody 
does  get  in,  what  is  the  most  damage  they  can 
do?  Can  they  prevent  us  from  conducting  our 
business?  Can  they  actually  get  some  kind  of 
sensitive  data?” 

Among  other  vendors,  Microsoft  has  been 
working  on  consistently  improving  security  stan¬ 
dards  with  better  quality  and  manageability  in 
day-to-day  operations.  Since  initial  pushes  in 
security  in  2002,  it  has  established  the  Trustwor¬ 
thy  Computing  Security  Development  Lifecycle 
(SDL),  a  process  applied  to  all  Microsoft  prod¬ 
ucts  for  enhanced  application  security.  The 
approach  focuses  on  deploying  products  that 
require  fewer  patches  and  provide  a  higher  level 
of  reliability.  For  IT  departments,  this  translates 
into  lower  maintenance  costs,  increased  availabil¬ 


About  CI02CI0 
Perspectives:  This 
peer-based  thought 
leadership  program 
analyzes  quantitative 
research  and  tests  it 
via  qualitative  inter¬ 
views  with  actual 
CIOs.  The  resulting 
executive  insight  is 
then  disseminated 
via  CXO’s  multimedia 
assets.  To  learn  more 
about  CI02CI0 
Perspectives, 
please  contact 
mavery@cxo.com. 


ity  and  decreased  security  risk. 

Finally,  many  CIOs  are  now  turning  to 
outsourcing  and  managed  security  services 
providers  (MSSP)  to  ratchet  up  protection  and 
embrace  best  practice  policies.  As  Stritzinger 
explains:  “[Security]  is  not  our  core  competency. 
This  is  one  area  that  we  can’t  move  fast  enough 
or  [effectively]  enough  on  a  cost  basis.” 


Although  outsourcing  may  reduce 
most  organizations  view  it  as  a  way  to 
focus  on  core  competencies  and  reduce 
administrative  overhead.  It  can  also  mini¬ 
mize  the  need  to  upgrade  systems  inter¬ 
nally  while  allowing  IT  staff  to  handle 
more  strategic  matters. 

Conclusion 

In  the  final  analysis,  it’s  clear  that  CIOs 
are  looking  for  stability,  reliability  and 
flexibility  in  dealing  with  security  issues. 
While  they  seek  powerful  solutions, 
they’re  focused  heavily  on  how  operating 
systems  and  security  products  integrate 
into  the  overall  environment  and  how 
an  IT  environment  affects  total  cost 
of  ownership.  CIOs  recognize  that  their 
own  investment  in  security  complements 
vendor  efforts  to  measure  up  to  today’s 
complex  and  rapidly  evolving  business 
environment.  I 


costs, 


Go  to  www.cio.com/ 
whitepapers/itsecurity 

now  to  obtain  a 

of  "IT  Security 
Measures:  How  CIOs 
Use  Strategies,  Metrics 
and  Partnerships  for 
Success".  Based  on  a 
major  research  survey 
by  IDG  Research 
Services  featuring 
in-depth  discussions 
with  CIOs  at  midsize 
and  enterprise-class 
organizations,  this  just- 
released  white  paper 
aims  to  help  CIOs 
analyze  their  IT 
infrastructure  so  that 
it  runs  more  effectively 
and  efficiently,  and 
draws  on  peer  insights 
to  create  highly  avail¬ 
able  and  manageable 
systems. 


Custom  Solutions  Group 


Microsoft 


C  I  O  2  C  I  O 


SLCURI  T  V  2 


“The  great  leaders  are  like  the 
best  conductors  —  they  reach 
beyond  the  notes  to  reach  the 
magic  in  the  players.” 

—  Blaine  Lee, 

The  Power  Principle 


April  29  —  May  1,  2007 

Hyatt  Regency  Huntington  Beach  Resort  &  Spa 
Huntington  Beach,  California 


To  Register: 

Visit:  www.cio.com/leader_2007 

Phone:  800.355.0246 

Email:  executiveprograms@cxo.com 

Early  registration  discount 
ends  March  30, 2007 

Opening  Keynote: 

Good  to  Great  And  the  IT  Leader 
Jim  Collins,  Author  and  Co-Author, 

Good  to  Great  and  Built  to  Last 

WWW.cio.COm/leader_2OO7 


Official  Hosts: 

Corporate  Sponsors: 

<  bmesoftware 

•  1 1 1  •  1 1 1  • 

CISCO. 

dTRIX 

• 

• 

innovativ’ 

1  R  i  s  e 

VISUALIZE.  INNOVATE.  DELIVER™ 

ITM 

SOFTWARE 

Microsoft 

red  hat. 

ORACLG' 

^  Symantec. 

essential  technology 


ity,”  says  Tony  Sheehan,  group  knowledge 
manager. 

Arup  tried  again,  this  time  using  the 
high-end  Autonomy  search  platform.  The 
new  system  can  tap  into  the  company’s 
databases,  financial  and  human  resources 
systems,  and  free-form  content,  either 
directly  or  via  add-on  software.  This  uni¬ 
fied  search  platform  made  critical  business 
sense,  says  Sheehan.  The  result:  Engineers 
now  share  the  same  knowledge  no  matter 
where  they  are  based,  providing  a  consis¬ 
tent  global  level  of  quality,  he  says. 

National  Instruments  faced  a  similar 
problem.  “Our  search  tools  grew  over 


fragmentation,  says  CIO  Jo  Haraf.  So  the 
thousand-member  firm  took  its  time  to 
find  a  tool  that  met  its  needs,  rather  than 
deploy  interim  technologies,  she  says.  The 
firm  ultimately  selected  midrange  solu¬ 
tion  Recommind  because  it  could  do  what 
Haraf  calls  “gray-area  search”— that  is,  it 
has  the  ability  to  pull  in  results  suggested 
by,  but  not  explicitly  within,  the  search 
query— which  for  a  law  firm  provides  a 
real  edge  in  finding  unexpectedly  related 
cases. 

Notably,  Arup,  Harris  and  National 
Instruments  all  realized  that  they  needed 
to  impose  their  own  context  and  organiza¬ 


Arup  imposed  its  own  categories 
on  data  to  ensure  that  results 
would  be  grouped  in  the  mental 
baskets  used  in  the  company. 


time  as  the  company  was  learning  what 
search  could  do,”  says  Jeff  Watts,  the 
instrumentation  maker’s  former  search 
and  communities  manager.  “With  mul¬ 
tiple  systems,  there’s  no  source  of  com¬ 
plete  information,  plus  you  end  up  with 
specialized  employees  whose  knowledge 
is  lost  as  they  leave  the  company  or  rotate 
to  other  departments,”  he  says.  When  the 
company  decided  to  standardize  its  Web 
presence  across  the  globe— providing  a 
single  platform  that  could  support  mul¬ 
tiple  languages,  local  product  catalogs  and 
online  customer  self-service— it  also  took 
the  opportunity  to  standardize  its  inter¬ 
nal  search  platform  using  a  high-end  Fast 
Search  &  Transfer  system. 

Law  firm  Morrison  &  Foerster  knew 
from  the  beginning  that  it  wanted  a  cen¬ 
tralized  search  platform  to  avoid  just  such 


Search's  Dark  Side 


For  a  look  at  the  not-so-helpful  side  of 
search,  see  “5  Ways  Google  Is  Shaking  the 
Security  World,”  at  www.csoonline.com/ 
read/050106/google_security.html. 

cio.com 


tional  structure  to  search  results  to  better 
tune  them  to  their  business  needs— even 
though  the  midrange  and  high-end  sys¬ 
tems  can  infer  context  as  part  of  their 
indexing.  For  example,  National  Instru¬ 
ments  imposed  structure  and  context  on 
its  information  to  help  searches  across 
multiple  systems  more  easily  find  simi¬ 
lar  information.  And  Arup  imposed  its 
own  categories  on  data— such  as  projects 
and  people— to  ensure  that  search  results 
would  be  grouped  in  the  mental  baskets 
used  in  the  company.  Watts  and  Sheehan 
call  the  effort  difficult  but  worthwhile. 

Take  Search  Further 

What  would  these  search  users  like  to  do 
next  with  search  for  their  enterprises? 
Sheehan  is  considering  implementing 
search  actively,  not  waiting  for  users  to 
ask  questions.  The  idea:  The  search  engine 
pulls  relevant  information  into  a  window 
as  the  user  types— for  instance,  providing 
links  to  other  cantilevered  bridge  designs 
if  a  user  is  writing  a  proposal  for  that  kind 
of  structure.  “For  me,  this  is  the  future  of 
search,”  he  says. 


Where  Search 
andBI  Blend 

High-end  search  platforms  such  as 
those  from  Endeca  Technologies  and 
Fast  Search  &  Transfer  are  beginning 
to  blur  the  lines  with  business  intel¬ 
ligence  (Bl)  systems.  Some  bring  in 
analytics  capabilities  and  let  you  save 
searches,  essentially  creating  canned 
reporting  capabilities  from  what 
started  as  free-form  searches. 

What  does  this  kind  of  capability 
look  like  in  action?  Communica¬ 
tions  equipment  maker  Harris  uses 
Endeca’s  search  platform  to  bring  “Bl 
2.0"  capabilities  to  its  supply  chain 
management  system,  says  Janice 
Lindsay,  director  of  supply  chain 
management. 

That  means  using  analytics  and 
business  rules  so  that  search  steers 
decisions— such  as  recommending 
preferred  suppliers,  or  advising  engi¬ 
neers  that  a  part  is  near  the  end  of  its 
lifecycle. 

These  analytics  also  help  engi¬ 
neers  predict  costs  versus  budget  as 
they  investigate  parts  and  manufac¬ 
turing  approaches,  and  help  monitor 
compliance  to  goals  such  as  choosing 
parts  with  lower  defect  rates. 

-G.G. 

Morrison  &  Foerster’s  Haraf  looked  at 
such  active  search  capabilities  a  few  years 
ago,  but  rejected  the  then-current  offer¬ 
ings  because  they  interrupted  users’  work 
with  alerts.  “Users’  initial  reaction  was, 
‘That  would  drive  me  crazy;  please  make 
it  go  away,”’  she  recalls.  But  a  noninvasive 
approach  that  suggested  relevant  cases  or 
subject  experts  as  an  attorney  was  writing 
a  brief  or  memo?  “That  would  be  interest¬ 
ing,”  she  says.  BE] 


Galen  Gruman  is  a  frequent  contributor  to  CIO. 
You  can  reach  him  at  ggruman@zangogroup. 
com. 


26  MARCH  15,  2007  |  www.cio.com 


BY  PARTNERING  WITH  DELL,  UNILEVER’S 
CUSTOMER  SATISFACTION  KEEPS 
GOING  IN  THE  RIGHT  DIRECTION.  UP. 


Unilever  makes  just  about  everything.  Including  making  smart 
decisions,  like  choosing  Dell™  Managed  Services  to  get  a  higher 
return  on  their  IT  investment  in  North  America.  Unilever  is  now 
able  to  invest  more  in  their  brands,  so  their  customers  continue 
to  feel  good,  look  good  and  get  more  out  of  life.  And  Dell  does  it 
all  by  focusing  on  Unilever’s  agenda.  That’s  how  we  design 
business  solutions  with  only  one  company  in  mind.  Yours. 


To  talk  with  a  Dell  representative  call 

1.866.223.5210 


To  learn  more  about  the  Unilever  story  visit 

www.dell.com/unilever/cio 


>  :■ 


Purely  You 


not  be  responsible  for  errors  in  typography  or  photography.  Dell  and  the  Dell  logo  are  trademarks  of  Dell  Inc.  Other  trademarks  and  trade  names  may  be  used  in  this  document  to  refer  to  either  the  entries  claiming  the  maiks 
ames  or  their  products.  Dell  disclaims  proprietary  interest  in  the  marks  and  names  of  others.  ©  2007  Dell  Inc.  All  rights  reserved. 


Martha  Heller  career  strategist 

1  ! 


A  Matter  of  Scale 

Former  mid-market  CIOs  share  what  it  takes  to  make  the  move  to  a  larger  organization 


ou  are  a  successful  mid-market  CIO  who  is  ready 
to  apply  your  IT  leadership  talents  on  a  larger 
stage.  But  before  you  start  sending  your  resume 
to  the  Fortune  10,  you  may  want  to  ask  yourself 
a  critical  question:  How  scalable  are  my  skills? 

As  anyone  who  has  implemented  enterprise  systems  can 
tell  you,  if  you  ignore  the  scalability  factor,  your  system  won’t 
last  three  years.  Given  that  you  probably  want  your  next  CIO 
role  to  last  at  least  that  long,  it  is  helpful  to  understand  what 
you  need  to  think  about  before  moving  to  a  larger  organization. 
To  get  that  perspective,  I  spoke  with  CIOs  who  have  taken  this 
path  and  made  a  successful  transition.  They  offer  this  advice. 

Prepare  for  the  size  question.  Before  you  worry  about  suc¬ 
ceeding  at  a  larger  company,  you  should  focus  first  on  making 
it  past  the  hiring  committee,  many  of  whose  members  may  be 
concerned  about  your  ability  to  scale.  In  November  2006,  Todd 
Thompson  left  his  role  as  CIO  of  $1.7  billion  airline  JetBlue  to 
assume  the  same  job  at  Starwood  Hotels  &  Resorts  Worldwide, 
the  $6  billion  hospitality  company.  As  he  expected,  the  interview 
team  focused  on  his  ability  to  succeed  in  a  larger  organization. 

“My  answer  was  that  at  JetBlue,  where  I  grew  a  team  of  70  to 
200, 1  proved  that  I  could  scale  very  effectively,”  he  says.  “I  also 
made  the  point  that  there  are  some  complexities  in  an  airline 
environment  that  make  a  $2  billion  company  feel  a  lot  bigger 
from  an  IT  perspective.” 

CIO  Jonathan  Manis  moved  from  Provena  Health,  an  orga¬ 
nization  of  six  hospitals  and  16  long-term  care  facilities,  to 
Sutter  Health,  which,  with  26  hospitals,  is  one  of  the  nation’s 
largest  nonprofit  healthcare  systems.  Like  Thompson,  he  also 
fielded  questions  about  scale. 


28  MARCH  15,  2007  |  www.cio.com 


ILLUSTRATION  BY  JIM  HAYNES 


what  do  you  call  an  ORACLE  customer 
committed  to  performance  management? 
a  Cognos  customer. 


With  Cognos,  Oracle  Application  users  get  the  strategic  insights  they  need 
to  drive  business  forward  today. 

Thousands  of  Oracle  customers  depend  on  Cognos’  proven  solution  for  complete  visibility  and  control. 
Across  all  data  sources,  business  systems,  and  key  applications  like  Oracle  eBusiness  Suite,  Siebel, 
PeopleSoft  and  JD  Edwards.  They  rely  on  a  system  architected  for  tomorrow,  yet  fully  functional  today. 

With  Cognos  Performance  Management,  your  users  get  reporting,  analysis,  planning  and  scorecarding 
all  in  one  easy  to  use,  best-in-class  solution.  So  they  can  get  the  comprehensive  and  consistent  view 
they  need  to  make  intelligent,  informed  decisions.  And  course-correct  effectively.  That’s  why  so  many 
Oracle  customers  choose  Cognos  to  leverage  and  extend  their  Oracle  investment. 

Visit  www.cognos.com/solutions4oracle  today. 


Copyright  ©  2007  Cognos  Incorporated.  All  rights  reserved.  Cognos,  the  Cognos  logo 
and  the  tagline  are  trademarks  or  registered  trademarks  of  Cognos  Incorporated. 
Other  names  may  be  trademarks  of  their  respective  owners. 


THE  NEXT  LEVEL  OF  PERFORMANCE™ 


Martha  Heller  1  career  strategist 


“I  knew  that  if  they  didn’t  ask  it  they  were  thinking  it,  so  I 
decided  to  address  the  issue  head-on,”  he  says.  “I  talked  about 
my  military  experience  in  terms  of  geographical  dispersion 
and  span  of  control  and  related  it  to  the  Sutter  role.  They’re 
thinking,  ‘How  does  this  guy  go  from  $1  billion  to  $7  billion?’ 
I  wanted  to  get  it  out  on  the  table  and  out  of  the  way.” 

The  takeaway:  Focus  on  points  of  relevance  between  your 
experience  and  the  new  role.  Show  how  much  more  important 
these  points  are  than  sheer  numbers. 

Sharpen  your  influencing  skills.  In  April  2006,  Eric 
Goldfarb  left  his  position  as  CIO  of  PRG-Schultz  Interna¬ 
tional,  a  $300  million  financial  services  firm,  for  the  CIO  role 
at  BearingPoint,  which  has  $3.4  billion  in  annual  revenue. 
Since  BearingPoint  is  not  the  first  large  company  Goldfarb  has 
worked  for,  he  has  learned  to  observe  differences  in  culture 
and  management  style  and  shift  his  focus  accordingly. 

A  major  part  of  the  CIO’s  job  in  any  company  is  to  be  aware 
of  the  technologies  available  in  the  market  and  to  use  them  to 
improve  efficiency  or  profitability.  “In  a  smaller  company,  you 
walk  in,  talk  to  the  owner,  and  get  approval  for  a  technology 
investment,”  says  Goldfarb.  “In  a  large  company,  where  the 
magnitude  of  risk  for  every  IT  decision  is  much  greater,  you 
can  no  longer  rely  on  a  handshake  to  get  project  approval.” 

To  win  approval  in  such  a  setting,  you  may  have  to  get  sup¬ 
port  from  your  colleagues  in  sales  and  finance  and  even  get 
a  nod  from  a  board  member  or  two.  That’s  easier  to  do  when 
you’ve  taken  the  time  to  build  strong  relationships  with  key 
stakeholders  and  decision-makers. 

“When  you  sit  down  with  your  CEO,  the  first  thing  he  will 
ask  will  be  who  you  talked  to  about  the  project,”  says  Gold¬ 
farb.  “You  want  to  have  a  good  answer.  Or,  better  yet,  have  the 
CMO  walk  in  as  well  and  echo  what  you  say.” 

The  takeaway:  In  a  smaller  company,  your  relationship  with 
your  boss  is  the  key  to  gaining  approval  of  a  big  IT  decision;  in 
a  larger  company,  you  rely  on  your  circle  of  influence. 

Shorten  your  horizons.  “It  seems  almost  contradictory,” 
says  Goldfarb,  “but  larger,  public  companies  tend  to  have  a 
shorter-term  planning  horizon  than  smaller,  privately  owned 
companies.”  With  shareholders  hanging  on  every  earnings 

report,  he  says,  “the  execu¬ 
tive  team  spends  more  time 
on  month-to-month,  quarter- 
to-quarter  planning”  than  on 
long-range  goals.  Your  stra¬ 
tegic  planning  efforts  can  no 
longer  rely  on  ROI  that  is  three 
years  out;  you  will  need  to  build  shorter-term  savings  into 
your  plans. 

The  takeaway:  Shifting  your  focus  from  the  forest  to  the 
trees  can  be  a  major  adjustment  and  one  worth  anticipating 
before  you  start  the  job. 

Adapt  to  a  new  management  style.  In  many  smaller  com¬ 


panies,  the  original  owners  are  still  running  the  show,  often 
with  the  siblings,  cousins  and  friends  who  have  been  there 
since  the  early  days.  In  a  larger  company,  most  members  of  the 
executive  team  gained  their  experience  elsewhere. 

“You  might  have  a  CMO  who  got  her  MBA  and  then  worked 
her  way  up  the  food  chain  at  a  few  different  major  companies,” 
says  Goldfarb. 

The  takeaway:  If  you  are  accustomed  to  working  with  exec¬ 
utives  who  grew  up  inside  the  company,  you  need  to  learn  to 

"Don't  expect  to  come  in 
and  be  a  miracle  worker." 

-Jonathan  Manis,  CIO,  Sutter  Healtht 

function  in  a  more  formal  management  structure. 

Upgrade  your  communication  abilities.  It  is  hard  enough 
to  establish  clear  and  consistent  communication  in  a  company 
of 9,000  people,  the  size  of  JetBlue.  When  you  move  to  a  com¬ 
pany  of  145,000  people,  as  Thompson  did  when  he  went  to 
Starwood,  the  challenge  is  enormous. 

“At  JetBlue,  we  were  geographically  centralized.  I  could 
walk  around  the  floor  and  talk  to  people  to  learn  what’s  going 
on,”  says  Thompson.  “Here,  we  are  international  and  spread 
out.  I  have  to  communicate  more  formally  and  think  a  little 
harder  about  how  to  get  the  word  out  to  all  of  those  people.” 

Sutter  Health’s  Manis  moved  from  an  organization  that 
had  around  12,000  employees  to  one  that  has  43,000  with 
hospitals  that  range  widely  in  geography,  size  and  culture.  He 
managed  200  IT  employees  at  Provena;  at  Sutter  he  manages 
550.  “The  diversity  of  the  organization  is  a  challenge,”  he  says. 
“Our  hospitals  are  spread  out  through  Northern  California, 
and  they  range  dramatically  in  size.  When  I  am  addressing 
the  entire  organization  on  physician  order  entry,  I  need  to  ref¬ 
erence  the  small  hospital  up  north  as  often  as  I  do  the  progres¬ 
sive  physicians  in  downtown  San  Francisco.” 

The  takeaway:  Understand  your  many  constituencies  and 
tailor  your  message  and  its  delivery  in  order  to  develop  effec¬ 
tive  and  consistent  communication  with  all  of  them. 

One  point  all  three  CIOs  agree  on  is  the  need  to  be  patient. 
Your  natural  desire  when  walking  into  a  new  job  will  be  to 
establish  change  and  credibility  right  away.  Manis  suggests 
you  resist  that  inclination. 

“In  a  smaller  company  you  can  step  in,  assess  the  situa¬ 
tion  and  take  action  pretty  quickly,”  he  says.  “But  in  a  larger 
company,  you  want  to  take  your  time  and  evaluate  what  you’re 
stepping  into.  Don’t  expect  to  come  in  and  be  a 
miracle  worker.”  QQ 


Martha  Heller  is  managing  director  of  the  IT  Leadership 
Practice  at  ZRG,  an  executive  recruiting  firm  based  in 
Boston.  Reach  her  at  mhetter@zrgroup.com. 


Join  the  Conversation 


Respond  to  Martha  Heller’s 
latest  online  column  by  visiting 

www.cio.com/career/strategist. 

cio.com 


30  MARCH  15,  2007  |  www.cio.com 


The  COO  needs  better  ways  to  manage  processes 


mmmmmrnmA 


llT 


The  CEO  needs  to  know  it's  getting  done. 


The  CIO  has  a  strategy  for  IT  to  meet  all  their  needs  and  deliver  results. 


Welcome  to  Business  Service  Management  from  BMC  Software.  Business  Service  Management  (BSM) 


The  CFO  needs  to  reduce  costs. 


means  the  goals  of  IT  are  the  same  as  the  goals  of  the  business.  And  with  proven  software  and  processes 
from  BMC  Software,  BSM  can  be  implemented  in  stages,  demonstrating  the  value  of  IT  as  you  go. 
All  business  success  stories  have  to  start  somewhere.  With  BSM,  they  begin  in  IT. 


www.bmc.com/results 


<  bmcsoftware 


ACTIVATE  BUSINESS  WITH  THE  POWER  OF  IT' 


©  2007  BMC  Software,  Inc.  All  Rights  Reserved. 


X> 


IT'S  ALL  ABOUT  THE  EXECUTION 


Michael  Schrage 


The  Race  to  Innovation 

While  it  may  seem  that  competition  and  collaboration  are  at  odds,  the  most  innovative  IT 
shops  find  a  way  to  blend  the  two  productively 


Collaborate  or  compete?  That’s  a  core  strategic  ques¬ 
tion  for  organizations  seeking  margins  and  market 
share.  When  are  they  better  off  energetically  com¬ 
peting  against  their  rivals?  When  are  they  wisest  to 
collaborate  and  cooperate?  That  strategic  question  is  even  more 
important  for  the  internal  IT  marketplace.  CIOs  have  to  deter¬ 
mine  what  will  better  drive  desirable  results:  more  collabora¬ 
tion  within  their  IT  shops  or  encouraging  smarter  competition. 
The  “correct”  answer,  of  course,  is  “both.”  Good  luck. 

Unfortunately,  most  CIOs  focus  far  less  on  the  productive 
role  of  competition  versus  collaboration  than  on  the  design  and 
deployment  of  productive  process.  Our  legitimate  concerns 
about  process  undermine  rigorous  thought  and  action  around 
when  getting  people  to  compete  and  getting  them  to  collab¬ 
orate  makes  the  most  sense.  Too  much  of  either  can  kill:  As 
Paracelsus,  the  16th  century  Swiss  alchemist  keenly  observed, 
“The  dose  makes  the  poison.”  What’s  the  right  dosage?  What’s 
the  right  mix? 

These  issues  snapped  to  mind  at  this  magazine’s  CIO  100 
Symposium  in  San  Diego,  during  a  session  on  innovation  that 
I  participated  in  with  Capital  One  CIO  Gregor  Bailar  and  oth¬ 
ers.  Bailar,  inspired  by  an  internal  competition  run  by  CBS 
Marketwatch  to  encourage  creative  mash-ups,  imported  the 
idea  to  his  IT  shop.  The  first  time  he  ran  the  competition,  he 
got  far  fewer  entries  than  expected. 

Now  it’s  not  that  Bailar  doesn’t  encourage  or  support  Web 
2.0-oriented  innovation.  Capital  One  is  as  innovative  a  shop 
as  you’ll  find.  The  organizational  reality  is  that  sometimes 
internal  competitions  productively  tap  an  existing  well  of  frus¬ 
tration  and  perceived  opportunity.  But  if  the  target  audience 


32  MARCH  15,  2007  |  www.cio.com 


ILLUSTRATION  BY  KIM  ROSEN 


A  people-ready  business  runs  on  Microsoft  software. 

When  your  technology  collaborates,  it's  easier  for  your  people  to  collaborate.  So  make  sure  everyone— 
from  IT  to  end  users — works  on  a  platform  of  interoperable  software.  Microsoft  software.  New 
business  applications  will  connect  to  what's  already  deployed.  Data  infrastructure  will  be  well  managed 
Business  processes  will  extend  across  the  firewall.  And  IT  will  empower  everybody  to  deliver,  together. 
Microsoft.  Software  for  the  people-ready  business!M  microsoft.com/peopleready 


Your  potential.  Our  passion, 

Microsoft 


When  the  software  ~  J 

works  together,  the  people 


ready  business 
works  together. 


Michael  Schrage 


IT'S  ALL  ABOUT  THE  EXECUTION 


hasn’t  yet  perceived  the  potential  opportunity,  they  may  treat 
such  competitions  as  just  gimmicky  distractions. 

This  is  a  powerful  and  (relatively)  innovative  diagnostic. 
Run  an  internal  competition  around  mash-ups,  interfaces, 
tech  support  or  some  other  IT-empowered  business  issue 
and  see  what  kind  of  response  you  get.  The  size  of  the  prize 
and  quality  of  recognition  have  to  make  sense,  but  you’ll  be 
amazed  at  what  does— and  doesn’t— pop  up.  I  was. 

Indeed,  you’ll  find  the  conversation  surrounding  prize  size, 
recognition  and  rewards  speaks  volumes  about  your  shop’s 
competition  culture.  Will  a  token  dinner  for  two  and  an  enter¬ 
prise  attaboy  from  the  CIO  motivate  people?  Or  do  you  need 
cold,  hard  cash?  Are  you  looking  for  breakthrough  ideas  from 
a  brilliant  programmer?  Or  would  you  rather 
have  entries  from  programming  pairs  or  trios? 

Do  you  want  lots  of  entries?  Or  do  you  want  the 
“right”  ones? 

These  aren’t  rhetorical  questions.  The  way 
you  design  a  competition— particularly  its 
rewards— reveals  your  own  values  as  a  leader. 

To  the  extent  you  recognize,  reward  and  cel¬ 
ebrate  individual  achievement,  you  may  tacitly 
discourage  collaboration.  To  the  extent  you  pit  teams  against 
one  another  to  come  up  with  solutions,  you  discourage  shar¬ 
ing  and  cooperation.  And  if  competition  in  any  form  is  seen 
as  irrelevant  to  innovation,  creativity  and  productivity,  you’re 
running  an  IT  shop  that’s  ignoring  one  of  the  greatest  spurs  to 
ingenuity  known  to  history. 

CIOs  worldwide  are  impaled  on  the  schizophrenic  horns 
of  a  leadership  dilemma.  IT  organizations  desperately  need 
the  efficiencies  and  innovations  that  internal  competition  can 
surface.  Yet  they  have  to  promote  greater  knowledge  sharing 
and  collaboration  to  encourage  greater  efficiencies  in  inno¬ 
vation  communication  and  alignment.  So  which  is  the  better 
investment:  rivalry  or  cooperation? 

Even  though  I’ve  written  books  about  collaboration,  my 
money’s  on  rivalry  as  the  medium  and  method  that  deserves 
greater  investment  and  ingenuity  from  CIOs.  While  competi¬ 
tion  shouldn’t  be  a  dominant  driver  of  your  internal  IT  cul¬ 
ture,  it  needs  to  be  more  than  a  spice:  It  has  to  be  an  essential 
ingredient.  Yes,  competition  for  the  sake  of  competition  is 
dumb— but  so  is  collaboration  for  the  sake  of  collaboration. 
You  need  to  begin  by  learning  how  your  existing  IT  culture 
defines  the  contours  of  its  collaboration  versus  cooperation 
landscape. 

While  the  answers  aren’t  easy,  the  path  to  finding  them  is. 
Look  at  the  three  most  common  “success  stories”  your  organi¬ 
zation  tells  when  it’s  reviewing  past  accomplishments.  Then 
review  the  three  most  common  “abysmal  failure”  tales  your 
people  tell.  Here’s  the  trick:  Don’t  look  for  the  heroes,  villains, 
best  practices  or  dumbest  decisions.  Instead,  examine  the 
competitive  versus  collaborative  dynamics  of  each  project. 


What  role  did  competition  and  rivalry  play  in  the  successes 
and  the  failures?  How  did  cooperation  and  sharing  add  value 
or  induce  paralysis? 

You’re  guaranteed  to  discover  your  IT  shop’s  comfort  zones 
around  rivalry  and  cooperation.  Sometimes,  feeling  uncom¬ 
fortable  about  competition  is  wonderful;  other  times,  it  signals 
the  wrong  kind  of  fear.  Sometimes,  collaborative,  cooperative 
relationships  indicate  a  well-run  organization;  then  again, 
they  can  signal  self-indulgent  complacency.  You  need  to  know 
this. 

At  one  global  professional  services  firm,  the  CIO  realized 
that  office  rivalry  between  regions  had  passed  the  point  of 
diminishing  returns.  There  was  literally  no  incentive  for 


offices  to  share  best  practices— or  any  meaningful  informa¬ 
tion— at  all.  Not  a  single  success  story  had  anything  to  do 
with  cross-office  collaboration.  In  fact,  because  the  offices 
were  actually  ranked  against  one  another,  collaboration  was 
effectively  discouraged.  Effecting  a  change  in  incentives  and 
culture  proved  easy.  An  outside  consultancy  recommended 
the  straightforward  remedy  of  making  20  percent  of  the 
regional  CIO’s  bonus  contingent  upon  demonstrable  knowl¬ 
edge  sharing  and  cost-savings  between  the  units.  The  units 
were  also  ranked  on  how  collaborative  they  were. 

By  contrast,  another  professional  services  firm  IT  shop 
was  so  collegial  and  collaborative  that  it  passive-aggressively 
killed  efforts  to  introduce  IT  innovations  that  would  upset  the 
existing  comity.  The  IT  people  did  a  better  job  of  collaborating 
with  each  other  than  with  their  internal  clients.  The  clients 
came  second.  The  result?  The  consultants  bypassed  IT  and 
bootlegged  budgeted  IT  innovations  on  their  own.  The  CIO 
was  ultimately  asked  to  leave,  and  a  non-IT  partner  was  put 
in  charge.  A  few  of  the  surviving  IT  employees  are  unhappier, 
but  the  bulk  of  their  internal  clients  are  not.  Internal  competi¬ 
tion  energized  both  IT  and  its  users. 

Leadership  means  defining  and  designing  the  kind  of  mar¬ 
ketplace  that’s  best  for  your  IT  shop  and  enterprise.  And  it 
means  having  the  courage  to  compete  and  collaborate  and 
inspiring  your  people  to  do  the  same.  BE! 


Michael  Schrage  is  codirector  of  the  MIT  Media  Lab’s 
eMarkets  Initiative.  He  can  be  reached  at  schrage@ 
media.mit.edu.  Want  to  comment  on  this  article?  Go 
to  the  online  version  at  www.cio.com/031507 . 


CIOs  worldwide  are  impaled  on  the 
schizophrenic  horns  of  a  leadership 
dilemma.  Which  is  the  better 
investment  for  innovation:  rivalry 
or  cooperation? 


34  MARCH  15,  2007  |  www.cio.com 


PHOTO  BY  JOHN  SOARES 


Think  you  could  use  server  optimization? 

Or  are  you  okay  with  the  way  things  are  now? 


Hard  drives  sold  separately 


HP  ProLiant  DL380  G5  Rack-mount  Server 


Quad-Core  Intel®  Xeon5  Processors  E5310  (1 ,60GHz) 

Memory:  1GB  std.,  32GB  max.  (PC2-5300) 

Data  storage:  none  ship  standard,  up  to  eight  hot-pluggable  SAS  hard 
drive  bays  (576GB) 

8MB  Level  2  Cache 

Embedded  Dual  NC373i  Multifunction  Gigabit  network  adapters 

$2906" 

CDW  1091060 

m 

invent 

)  Xeon 

Quad-core. 

Unmatched. 

HP  SAS  Universal  Hard  Drives 

•  Internal,  hot-pluggable  hard  drives  for  HP  ProLiant 

DL360  G5  and  DL380  G5  Rack-mount  Series  Servers 

m 

•  10,000  rpm 


36GB  $309.99  CDW  817847 
72GB  $369.99  CDW  813363 


HP  Memory  Upgrades 

•  Work  with  HP  ProLiant  DL380  G5  Rack-mount  Servers 

1 GB  (2  x  51 2MB)  $379.99  CDW  1 00041 9 
2GB  (2  x  1GB)  $619.99  CDW  1000420 
4GB  (2  X  2GB)  $1 254.99  CDW  1 000421 


We're  There  With  The  Server  Solutions  You  Need. 

Is  managing  your  growing  number  of  servers  and  your  growing  storage  needs  getting  to  be  too  much?  At  CDW, 
we're  there  with  everything  you  need  to  optimize  your  servers.  From  server  consolidation  to  storage  management, 
networking  to  virtualization,  CDW  can  answer  your  questions  and  get  you  the  solutions  you  need.  So  call  today. 
It's  time  you  ran  your  network,  not  the  other  way  around. 


Offer  subject  to  CDW's  standard  terms  and  conditions  of  sale,  available  at  CDW  com.  ©2007  CDW  Corporation 


■■nm 


f  fgjl 
lllilil} 

MgS 


mssm 


C 1 0  Larry  Shuizberg  says 
the  real  benefit  of  speeding 
Rock-Tenn’s  close  (in  addition 
to  meeting  Sarbanes-Oxley 
requirements)  was  “consolidat¬ 
ing  accounting  by  reducing 
headcount.” 


v  *'  -**  >'v 

/V:-  :VV 

•  -  »>.  v;<  A 


■ 


m 


. 


ff.m 


Cover  Story  |  IT-Business  Alignment 


CLOSE  FAST. 

closeSMART 


When  it  comes  to  closi  ng  the  books,  the  benefits  of  speed 
are  undeniable.  And  CIOs  are  uniquely  positioned  to  help 
their  organizations  reapthem.  by  galen  gruman 


AS  LONG  AS  THEY’RE  MEETING  their  regulatory  reporting 
deadlines,  most  enterprises  don’t  think  a  lot  about  closing  their 
books  more  quickly. 

Maybe  they  should  start. 

Increasingly,  the  speed  with  which  an  organization  closes  its 
books  and  reports  its  financial  results  is  being  looked  at  by  practi¬ 
tioners,  analysts  and  investors  as  a  defining  metric  for  evaluating 
whether  the  organization  possesses  the  best  possible  processes  and 
enabling  technologies.  And  it  turns  out  that  many  companies  don’t, 
even  those  making  huge  IT  investments  and  supporting  equally 
large  IT  departments. 

World-class  companies  can  close  their  books  internally  in  five 
days,  while  top  performers  can  do  it  in  three,  says  Scott  Holland,  IT 
practice  leader  at  the  Hackett  Group,  a  strategic  advisory  firm.  But 
only  about  10  percent  of  U.S.  enterprises  are  in  that  class,  Holland 
says.  (For  the  Fortune  500’s  top  15  fastest  closers,  see  “Champion 
Closers,”  Page  38.) 

Ask  a  typical  CIO  how  his  company  could  improve  its  finan¬ 
cial  reporting  and  his  recommendations  most  likely  will  focus  on 
mechanics:  normalizing  data,  collecting  it  and  passing  it  on  to  some 
central  repository.  Some  CIOs  will  go  a  little  further  to  suggest  that 
the  data  generation  and  gathering  systems  be  reviewed  for  compli¬ 
ance  requirements.  And  that’s  fine  as  far  as  it  goes— except  it  doesn’t 


go  very  far.  It  doesn’t  address  what  most  CFOs  need;  it  doesn’t  help 
the  business  run  more  intelligently;  it  doesn’t  cement  IT-business 
alignment.  No  matter  how  integrated  a  company’s  financial  streams 
are,  CFOs  will  still  struggle  to  close  the  books  and  issue  the  appro¬ 
priate  reports.  Their  staffs  will  still  spend  countless  hours  recon¬ 
ciling  data  gathered  from  multiple  departments  and  systems— all 
under  deadlines  that  are  shrinking  even  as  regulators  ask  for  more 
information. 

At  the  very  least,  what  the  business  needs  from  IT  is  a  way  to 
make  the  financial  close  and  reporting  process  more  efficient  and 
accurate  in  order  to  lower  costs  and  minimize  the  risk  of  providing 
incorrect  information  to  stockholders  and  regulators. 

But  that’s  merely  a  tactical  improvement.  The  real  opportunities 
lie  elsewhere.  By  redesigning  the  organization’s  financial  processes 
and  then  implementing  the  technology  infrastructure  to  execute 
them,  business  managers  and 


executives  can  gain  a  near- 
real-time  view  of  financial 
performance,  enabling  them 
to  identify  problems  and 
opportunities  much  earlier. 
A  second  opportunity  is  to 
understand  the  relationships 


Reader  ROI 

::  How  a  fast  close  can  lead  to 
better  IT-business  alignment 

::  Why  good  integration  doesn't 
always  produce  fast  reporting 

::  HowXBRLcan  help  a 
company  report  faster 


PHOTO  BY  STAN  KAADY 


www.cio.com  |  MARCH  15,  2007  37 


Cover  Story  |  IT-Business  Alignment 


of  all  financial  information  so  managers 
and  executives  can  do  analysis  outside 
the  box.  Lastly,  by  providing  accurate 
filings  more  quickly  than  your  competi¬ 
tors,  your  company  will  increase  inves¬ 
tor  confidence,  and  that  will  put  a  smile 
on  the  face  of  every  business  executive 
and  make  the  CIO  king  for  (at  least)  a 
day.  (For  how  a  faster  close  can  lead 
to  better  business-IT  alignment,  see 
“Speeding  Alignment,”  Page  42.) 


NEEDED:  THE  BIG  PICTURE 

Noel  Gorvett  is  well  aware  of  how  an 
organization  can  miss  the  opportuni¬ 
ties  offered  by  speeding  the  close. 

In  2002,  Gorvett,  the  group  business 
systems  manager  at  book  publisher 
Pearson,  began  exploring  centralizing 
group  reporting.  The  idea  was  to  replace 
the  more  than  400  general  ledgers  and 
80  ERP  systems  in  use  throughout  the 
global  publisher’s  operating  units  in  60 
countries  to  track  $7  billion  in  annual 
revenue.  The  IT  group’s  goal  was  more 
efficient  maintenance  through  a  com¬ 
mon  technology  base.  But  the  focus 
on  platform  integration  overlooked  a 
key  business  need:  a  way  to  report  the 
financial  information  flowing  through 
the  systems  in  a  meaningful,  consistent 
way  at  the  departmental  and  executive 
levels. 

“Each  Pearson  department  was 
working  off  its  own  assumptions,” 

Gorvett  recalls,  such  as  the  criteria  for 
sales  forecasts  and  profit  margins.  That 
made  it  difficult  to  create  a  consolidated 
financial  report,  much  less  to  identify  variations  from  plan  so  man¬ 
agers  could  act  quickly  while  there  was  still  time  to  do  so  usefully. 
It  became  clear  to  Pearson’s  group  CFO  in  summer  2003  that  a 
different  approach  was  needed,  one  that  focused  on  fixing  ineffi¬ 
ciencies  in  the  financial  reporting  process  itself  and  standardizing 
processes  across  Pearson.  That  way,  executives  could  work  from  the 
same  financial  assumptions,  no  matter  what  applications  they  used 
to  manage  their  books.  This  in  turn  would  enable  them  to  quickly 
identify  significant  differences  across  divisions  and  adjust  strate¬ 
gies  if  needed.  And  the  processes  would  gather  the  information 
that  would  be  needed  for  compliance,  regulatory  and  stockholder 
filings— no  more  scrambling  to  retrieve  this  information  at  each 
close  from  buried  Excel  spreadsheets  or  by  running  queries  against 
transaction  systems. 

So  Gorvett— working  as  a  liaison  between  the  CFO  and  the 
CIO— led  Pearson  on  a  tack  that  determined  standard  financial 


transaction,  auditing  and  reporting 
processes  for  the  whole  company— cre¬ 
ating,  for  the  first  time,  a  standard  chart 
of  accounts.  This  provided  a  unified  list 
of  all  accounting  data  tracked  to  ensure 
that  everyone  used  the  same  definitions 
and  categories  and  that  the  enterprise 
captured  all  the  financial  information 
it  needed  at  all  locations. 

The  next  step  was  to  set  up  the  techni¬ 
cal  requirements  for  what  data  needed 
to  be  captured  from  what  sources,  how 
it  would  be  presented  to  the  central 
financial  reporting  tool  and  what  pro¬ 
cesses  had  to  be  followed  to  generate  the 
results.  That  way,  no  matter  what  tech¬ 
nology  platform  a  division  happened 
to  use,  the  data  that  management  was 
receiving  would  be  consistent,  accurate 
and  timely. 

The  result:  Pearson  was  able  to  close 
its  quarterly  books  in  six  days  (down 
from  about  20)  and  reduce  its  year- 
end  reporting  time  from  eight  weeks 
to  six  weeks.  And  because  everyone 
was  working  from  the  same  chart  of 
accounts,  financial  staffers  no  longer 
had  to  burn  the  midnight  oil  to  translate 
their  financial  information  into  what 
the  executive  team  needed. 

THE ROI OF  SPEED 

The  Hackett  Group’s  studies  show  that 
“world-class  companies  spend  45  per¬ 
cent  less”  on  their  closing  and  reporting 
efforts  than  other  companies,  which  on 
average  saves  $5.5  million  per  $1  billion 
in  revenue.  These  savings  come,  in  part, 
from  needing  fewer  people  and  systems  to  scrub  data. 

There’s  a  compliance  payoff  as  well:  Consistent,  self-auditing 
processes  help  companies  more  easily  conform  to  regulatory  man¬ 
dates  such  as  Sarbanes-Oxley  by  reducing  the  risk  of  errors,  says 
Peter  Harries,  a  partner  at  accounting  consultancy  Pricewater- 
houseCoopers. 

A  faster  close  also  helps  large,  public  companies— typically  those 
whose  stock  is  worth  more  than  $700  million— meet  new  and  more 
stringent  regulatory  reporting  deadlines  from  the  Securities  and 
Exchange  Commission.  As  of  Dec.  15, 2006,  such  “large  accelerated 
filers”  had  to  complete  their  annual  10-K  reports  within  60  days 
of  the  fiscal  year  end,  down  from  75.  (The  schedule  for  quarterly 
10-Q  reports  was  maintained  at  40  days.)  A  2006  Hyperion  sur¬ 
vey  of  SEC  filings  (covering  2003  to  2005)  shows  that  the  average 
Fortune  500  company  takes  67  days  to  file  its  annual  reports,  with 
76  percent  taking  more  than  60  days.  These  statistics  show  how 


Champion  Closers 

The  average  Fortune  500  company 
between  2003  and  2005  took  67  days  to 
report  its  annual  earnings.  Twenty-three 
companies  took  more  than  90  days  to 
report  their  results.  (Reporting  includes 
the  closing  process.)  Here  are  the  top  15 
fastest  closers. 


Sears  Holdings 

15  days 

Loews 

20 

News  Corp. 

21 

Mohawk  Industries 

22 

Mosaic 

22 

Ashland 

23 

Caterpillar 

24 

Liberty  Global 

24 

Automatic  Data  Processing 

25 

Viacom 

25 

Southwest  Airlines 

32 

Freescale  Semiconductor 

35 

Qualcomm 

38 

Genworth  Financial 

39 

United  Technologies  Corp. 

39 

SOURCE:  Hyperion  study  of  SEC  data  from  the  Edgar  data¬ 
base;  based  on  2006  data  from  451  of  the  500  companies 

38  MARCH  15,  2007  |  www.cio.com 


World-class  companies  spend  45%  less  on  their  closing  and 
reporting  efforts  than  other  companies,  which  on  average 
saves  $5.5  million  per$l  billion  in  revenue. 


close  to  the  edge  many  companies  live.  Reducing  the  time  it  takes  to 
close  helps  free  up  time  for  reporting,  says  Joe  Kuehn,  an  advisory 
partner  at  accountancy  KPMG. 

Finally,  a  fast  close  builds  investor  confidence.  Investors  are  right 
to  make  the  inference,  Kuehn  says,  that  if  the  close  is  slow  it  means 
processes  are  broken.  And  if  the  processes  are  broken,  he  says, 
chances  are  the  data  is  broken. 

There’s  another  hard-to-quantify  but  critical  payoff:  smarter 
business  management. 

“World-class  organizations  go  from  transaction  mode  to  analy¬ 
sis  mode,”  says  Hackett  Group’s  Holland,  using  financial  data  for 
analysis  that  highlights  problems,  identifies  opportunities  and 
considers  potential  shifts  in  customer  behavior,  marketing  effec¬ 
tiveness  and  product  requirements. 

“A  close  is  a  step  in  time,  and  it’s  only  meaningful  if  it’s  close 
enough  to  the  present,”  says  Terry  Flood,  COO  and  president  of 
Logicalis  Group,  an  IT  consultancy. 

“As  business  expands,  it  becomes  imperative  to  have  credible 
snapshots  of  performance.  The  close  is  the  lens,”  says  Logicalis 
CFO  Greg  Baker. 

So  Logicalis  has  established  both  common  processes  and  a  com¬ 
mon  technology  platform.  The  result:  a  four-day  close.  “All  our 
managers  are  tied  into  the  metrics  of  our  company.  If  we  waited  a 
month,  we’d  miss  those  key  measurements,”  Baker  says. 

“When  IT  marries  up  with  the  CFO  or  CEO,  we  see  tremendous 
success,”  says  Holland. 

A  CURE  FOR  MANDATE  MADNESS 

For  many  companies,  meeting  complex  requirements,  such  as 
evaluating  the  effectiveness  of  newly  required  accuracy  controls,  in 
the  same  amount  of  time— or  even  in  less  time 
than  before— forces  executives  to  rethink  their 
closing  and  reporting  processes.  That  was  the 
case  at  Rock-Tenn,  a  $2.1  billion  manufacturer 
of  paperboard  products  such  as  packaging  and 
retail  displays. 

“The  close  had  been  a  perfunctory  pro¬ 
cess— no  one  really  looked  at  it.  Then  Sarbox 
came  along,”  recalls  CIO  Larry  Shutzberg.  Sar- 
banes-Oxley  exposed  all  the  touchpoints  in  the 
process  where  errors  could  creep  in. 

“We  have  90-plus  locations,  with  people 
doing  accounting  functions  in  the  field.  Get¬ 
ting  everybody  to  do  what  they  need  to  do  is  like 
herding  cats,”  Shutzberg  notes.  Add  to  that  chal¬ 
lenge  a  string  of  acquisitions  and  management’s 
attention  was  diverted  from  the  increasingly 


patchwork  financial  processes  that  were  taking  root. 

So  Shutzberg,  working  with  his  CFO,  led  an  effort  to  identify  and 
standardize  Rock-Tenn’s  financial  controls. 

“It  was  a  painful  process,”  he  says,  overcoming  people’s  resis¬ 
tance  to  let  go  of  systems  they  had  used  for  years.  Shutzberg  uses 
software  from  Movaris  to  determine  what  Sarbanes-Oxley  would 
require  of  the  revamped  processes,  and  then  to  test  the  new  pro¬ 
cesses  against  the  requirements. 

“The  first  thing  you  need  to  do  is  understand  your  current  state,” 
advises  PricewaterhouseCoopers’  Harries. 

Shutzberg’s  first  step  was  to  create  standard  Excel  checklists  for 
all  Rock-Tenn  financial  and  accounting  staff.  But  truly  adhering  to 
Sarbanes-Oxley’s  requirements  “was  impossible  to  do  with  spread¬ 
sheets,  e-mail  and  PowerPoints,”  he  notes,  because  it’s  extremely 
difficult  to  validate  the  accuracy  and  consistency  of  such  disparate, 
individually  maintained  data.  So  Rock-Tenn  launched  a  project  to 
replace  its  aging  ERP  system  with  one  that  supports  Sarbanes- 
Oxley  processes  out  of  the  box.  When  it’s  deployed  later  this  year, 
“we’ll  see  if  it’s  good  enough,”  Shutzberg  says. 

THE  BOTTOM  LINE  PAYOFF 

The  process  efforts  at  Rock-Tenn  have  reduced  its  closing  time  from 
15  days  to  10.  But  “the  business  didn’t  feel  disadvantaged  when  we 
were  closing  in  15,”  Shutzberg  says.  The  real  benefit  for  Rock-Tenn 
(in  addition  to  meeting  Sarbanes-Oxley  requirements),  he  says,  was 
“in  consolidating  accounting  by  reducing  headcount.” 

An  efficient  financial  process  typically  lowers  costs  by  eliminat¬ 
ing  the  need  for  reconciliation  across  systems  and  processes,  thus 
reducing  demands  on  staff,  and  by  eliminating  duplication  of  effort 
across  organizations.  Common  processes  and  systems  allow  for 
more  automation  and  shift  responsibility  to  a 
smaller  set  of  managers. 

At  Accenture,  sales,  general  and  administra¬ 
tive  expenses  have  dropped  1  percent  a  year  as  a 
share  of  revenue,  says  Tony  Coughlan,  control¬ 
ler  and  chief  accounting  officer— that’s  a  $166 
million  drop  for  Accenture  in  2006,  given  its 
$16.6  billion  in  revenue.  In  essence,  Accenture’s 
accounting  costs  have  stayed  fiat  as  the  busi¬ 
ness  has  grown,  he  notes.  Coughlan  attributes 
this  payoff,  in  part,  to  reworked  financial  pro¬ 
cesses  and  a  consolidated  technology  platform: 
“We’ve  cut  finance  headcount  even  as  we  grew, 
and  a  significant  driver  was  our  ability  to  lever¬ 
age  the  infrastructure  better.”  IT  costs  relative 
to  corporate  revenue  have  also  dropped  by  half, 
says  Accenture  CIO  Frank  Modruson.  “And  we 


As  of  Dec.  15, 2006, 
“large  accelerated  filers” 
hadto  complete  their 
annual  10-K  reports 
within60days  ofthe 
fiscal  year  end,  down 
from  75.  But  the  average 
Fortune  500  company 
takes  67  days  to  file  its 
annual  reports,  with 
76%  taking  more  than 
60  days. 

SOURCE:  2006  Hyperion  survey  of 
SEC  filings 


www.cio.com  |  MARCH  15,  2007  39 


£*6auct  shown  is  HS20.  IBM,  tTmiBM  logo,  IBM  Director,  PowerExecutive,  BladeCenter^wro  Take  Back  Control 
are  trademarks  or  registered  trademam^f  International  Business  Machines  Corporatiomjrflhe  United  States  and/or 
other  countries.  Intel,  Intel  logo,  Intel  lnsiOT^|cgo,  Intel  Xeon  and  Xeon  are  trademaj^ffor  registered  trademarks  of 
Intel  Corporation  or  its  subsidiaries  in  the  Unite^l|tfis  and  other  countries.  ©  200£,HSm  Corporation.  All  rights  reserved. 


I 

*  » 1 

rr~Z 

Oi 

. »  « 

i 

wmm 

XeoiY 


inside" 


Dual-core. 
Do  more. 


.INFRASTRUCTURE  LOG 

_DAY  51:  The  time  and  money  it  takes  to  manage  these 
servers — not  to  mention  the  energy  we’re  wasting — is  out 
of  control.  We’re  literally  pouring  money  into  them: 

$50s,  $100s — they  even  take  euros. 

.Whoever  came  up  with  “add  an  app,  add  a  server”  forgot 
to  “add  an  ATM.” 

.DAY  53:  I’ve  taken  back  control  with  an  IBM  BladeCenter® 
with  Dual-Core  Intel®  Xeon®  processor  technology.  Its 
IBM  Director  gives  us  a  single  point  of  control,  so  we  can 
centrally  manage  routine  tasks,  and  IBM  PowerExecutive™ 
calibrates  cooling  and  system  processing  to  optimize 
power  usage.  Helping  save  time  and  money. 

_I  am  Ned.  I  am  so  money. 


IBM.COM/TAKEBACKCONTROL/BLADE 


Cover  Story  |  IT-Business  Alignment 

Speeding  Alignment 


When  the  CIO  and  CFO  work  together,  you  get  a  better-managed 
company,  not  to  mention  a  faster  close 

AS  COMPANIES  ACCELERATE  THEIR  CLOSE,  improve  the  ubiquity  of  the 
financial  process  and  lower  their  costs,  “you  move  to  a  shared  service  center,"  says 
Peter  Harries,  a  partner  at  PricewaterhouseCoopers.  And  that  evolution  depends 
on  business  and  IT  being  closely  aligned. 

The  benefits  of  alignment  go  beyond  increasing  the  likelihood  of  identifying 
opportunities  or  dangers  earlier,  says  Terry  Flood,  COO  of  IT  integration  provider 
Logicalis  Group.  "Good  relations  between  the  CIO  organization  and  the  CFO  organi¬ 
zation  just  cost  less.  You’ll  have  infrastructures  that  save  the  company  money,  and 
you’ll  get  focused  on  how  to  make  the  company  money,’’  he  says. 

In  this  partnership,  though,  the  CIO  is  typically  the  junior  partner.  “For  financial 
reporting,  the  buck  stops  with  the  CFO  and  other  executive  management,  so  they 
drive  the  show,"  says  Steven  Kursh,  executive  professor  of  finance  and  insurance  at 
Northeastern  University. 

That  doesn’t  mean,  however,  that  the  CIO  is  merely  an  executor. 

"Having  a  CIO  who  understands  the  needs  of  finance  for  reporting  and  daily 
financial  needs  will  help  the  CIO  bring  the  right  technology  and  packages  to  meet 
these  needs,”  says  Joe  Kuehn,  an  advisory  partner  at  accountancy  KPMG.  He’s  seen 
simple  examples  of  that  with  his  clients.  For  example,  reports  are  historically  created 
monthly,  and  people  have  grown  accustomed  to  waiting  for  the  next  report  before 
formulating  their  strategies.  “No  one  ever  asks  for  more  frequent  reports,”  he  says, 
but  a  tuned-in  CIO  will  notice  that  decisions  are  being  held  up  and  use  automation  to 
make  reports  available  more  frequently. 

And  sometimes  the  CIO  takes  a  larger  role.  For  example,  at  paperboard  manufac¬ 
turer  Rock-Tenn,  CIO  Larry  Shutzberg  was  heavily  involved  with  defining  the  financial 
process.  "But  if  I  followed  the  traditional  role  of  the  CIO,  I’m  not  sure  I  would  have 
had  the  same  role  in  the  revised  financial  process,”  he  says.  -G.G. 


MANAGING  SMARTER 

Accenture  wasn’t  just  looking  for  cost 
reductions.  When  it  converted  from  a  pri¬ 
vate  partnership  to  a  publicly  held  company 
in  2001,  “we  were  publishing  our  reports 
40  days  after  closing,  and  the  deadline  then 
was  45  days,”  recalls  Coughlan.  “That  didn’t 
look  as  good  as  we  wanted.” 

A  big  reason  reporting  took  so  long  was 
that  Accenture’s  decentralized  organiza¬ 
tion-designed  for  a  partnership— didn’t 
support  the  visibility  that  investors  and 
regulators  demanded  and  that  senior  execu¬ 
tives  could  use  to  be  more  nimble.  “You  end 
up  with  different  versions  of  the  truth.  With 
different  systems,  you  get  timing  differences 
that  make  it  hard  to  cross-check  your  finan¬ 
cial  data,”  says  Modruson.  That  slowed  both 
the  close  and  reporting  processes  and  risked 
incomplete,  conflicting  information  that 
could  hobble  the  company. 

Coughlan,  Modruson  and  management 
reporting  chief  David  Rowland  tackled 
the  problem  on  two  fronts  over  a  three- 
year  effort  that  ended  in  September  2004. 

(“We  had  to  join  at  the  hip,”  recalls  Modru¬ 
son.)  The  first  front  was  to  rework  a  series 
of  sequential  processes  into  a  single  one, 
thereby  reducing  touchpoints.  The  second 
was  to  consolidate  various  financial  systems 
into  a  single  instance  of  SAP’s  ERP  system, 
converting  450  systems  into  one  ERP  implementation.  In  addi¬ 
tion  to  reducing  expenses,  these  efforts  lowered  the  reporting  time 
from  40  to  22  days,  letting  Accenture’s  financial  staff  go  on  vacation 
for  Christmas  2006— a  first,  Coughlan  notes.  United  Technologies 
Corp.  (UTC),  a  $48  billion  diversified  manufacturer,  also  gained  a 
quality-of-life  ROI  from  its  financial  integration  efforts,  notes  CIO 
John  Doucette.  “People  no  longer  work  until  2  a.m.  to  meet  reporting 
deadlines,”  Doucette  says.  “They  go  home  on  time.” 

But  the  critical  business  advantage  UTC  reaped  from  its  faster 
close  is  actionable  insight.  “It’s  about  getting  information  quickly, 
to  be  able  to  act  on  it,”  says  Greg  Hayes,  UTC’s  VP  for  account¬ 
ing  and  finance.  For  example,  in  fall  2006,  he  noted  a  drop-off  in 
air  conditioning  orders  just  as  external  data  showed  a  decline  in 
new-home  construction  across  the  United  States.  Armed  with  cur¬ 
rent  sales  shifts,  UTC  adjusted  its  orders  so  it  wouldn’t  get  stuck 
with  inventory,  and  it  adjusted  factory  schedules  so  it  wouldn’t 
produce  as  many  air  conditioners.  “Knowing  only  the  general  trend 
wouldn’t  have  shown  us  the  specific  implications  for  our  business,” 
says  Hayes. 

To  achieve  that  degree  of  agility,  UTC  consolidated  250  instances 


of  Hyperion  financial  reporting  tools  into  one  instance  of  Hyperion 
Financial  Management  (HFM)  across  its  six  subsidiaries,  such  as 
helicopter  maker  Sikorsky,  aircraft  engine  maker  Pratt  &  Whitney 
and  air  conditioning  maker  Carrier.  By  having  a  common  reporting 
and  analysis  tool  into  which  all  subsidiaries  feed  consistent  financial 
data,  the  company  has  achieved  a  five-day  close,  down  from  eight. 

“If  we  had  a  single  ERP  system,  I  think  we  could  close  the  books 
in  one  day,”  Hayes  says.  But  he  doesn’t  think  it  makes  sense  to 
impose  the  cost  of  conversion  to  a  single  ERP  platform  on  six  dis¬ 
tinct  subsidiaries  given  how  fast  the  organization  closes  already. 

As  Pearson’s  and  UTC’s  experiences  show,  a  unified  technol¬ 
ogy  base  can  make  an  efficient  process  execute  faster,  but  Hackett 
Group’s  Holland  advises  that  CIOs  first  identify  the  right  business 
processes  for  the  ERP  or  other  systems  to  execute. 

In  fact,  that’s  Pearson’s  strategy,  says  Gorvett.  With  a  consistent 
financial  process  in  place  that  delivers  what’s  needed,  the  company 
is  now  able  to  focus  on  consolidating  its  ERP  platforms.  And  while 
UTC  doesn’t  expect  to  see  a  single  instance  of  ERP  across  all  six 
subsidiaries,  it  is  moving  to  consolidate  each  unit  on  just  one  ERP 
system. 


42  MARCH  15,  2007  |  www.cio.com 


Over  1 80,000 

Small  And  Medium  Businesses 


"Reduced  inventory 
by  48%  at  a  single  plant" 

HOLOGIC  "Reduced  administration 

costs  by  50%" 

Hologic,  1500  employees 
Oracle  E-Business  Suite 

w  Sales  Tax  Solutions 


vAudit,  15  employees 
Oracle  Database  Standard  Edition 
Oracle  Application  Server  Standard  Edition  One 


A 

Audit 


Get  Better  Results 


oracle.com/goto/smb 
or  call  1.800.0RACLE.1 


Copyright  ©  2006,  Oracle.  All  rights  reserved.  Oracle,  JD  Edwards,  PeopleSoft  and  Siebel  are  registered  trademarks  of  Oracle  Corporation  and/or  its  affiliates. 

Other  names  may  be  trademarks  of  their  respective  owners. 


Cover  Story  |  IT-Business  Alignment 


By  speeding  UTC's  close, 
CIO  John  Doucette  reports, 
“People  no  longer  work 
until  2  a.m.  to  meet  report¬ 
ing  deadlines.  They  go 
home  on  time.” 


WHY  REPORTING  IS  DIFFERENT 

Even  organizations  that  have  fast  closes  find  it  hard  to  reduce  the 
time  it  takes  to  report  results  to  investors  and  regulators.  UTC  takes 
only  five  days  to  close  its  books  each  quarter,  but  it  takes  another 
17  days  to  prepare  the  10-Q  quarterly  filings  for  the  SEC.  And  the 
annual  10-K  takes  a  few  days  more. 

The  review  process  relies  largely  on  human  effort.  Lots  of  peo¬ 
ple-executives,  legal  staff,  board  members— have  to  go  through  the 
financial  data  and  projections,  as  well  as  the  legal,  labor,  personnel 
and  other  issues  that  may  need  to  be  disclosed.  Even  if  automated 
tools  are  used  to  gather  all  the  financial  data  for  these  filings  (rather 
than  just  the  data  needed  to  close  the  books),  this  other  information 
requires  human  judgment  to  articulate.  And  not  all  organizations 
have  knowledge  management  systems  that  can  track  and  make  such 
information  easily  available,  says  KPMG’s  Kuehn. 

To  speed  the  process  and  improve  filing  accuracy,  UTC  deployed 
a  legal  case  tracking  system  so  the  status  of  all  legal  issues  can  be 
found  quickly.  The  company  is  also  using  a  two-year-old  technol¬ 
ogy  standard  called  the  Extensible  Business  Reporting  Language 
(XBRL)  to  tag  its  filings,  and  that’s  a  horse  of  still  another  color. 

A  NEW  BUSINESS  LANGUAGE 

XBRL  has  been  touted  by  the  SEC  as  a  way 
to  make  information  more  easily  accessible 
to  investors  and  regulators,  but  there’s  a 
direct  benefit  to  the  enterprise  itself.  XBRL 
makes  all  information  in  a  filing  accessible 
through  standard,  tag-based  formatting,  as 
XML  does  for  transaction  data.  But  XBRL 


also  provides  structure  for  validation 
rules,  queries  and  analysis  rules,  notes 
Mike  Willis,  a  PricewaterhouseCoopers 
partner.  If  XBRL  were  introduced 
throughout  the  enterprise’s  financial 
closing  and  reporting  process,  rather 
than  simply  used  as  a  report  format  after 
the  fact,  users  would  gain  new  controls 
and  insights  into  their  data,  Willis  says. 
“They  can  automate  analytic  rules  rather 
than  auditing  manually,  which  would 
reduce  costs  and  speed  the  process,” 
he  adds.  Plus,  the  use  of  XBRL  would 
ensure  that  a  company’s  reports  reach 
their  stockholders  (and  analysts)  unfil¬ 
tered  by  third-party  aggregators.  “It  lets 
companies  tell  their  own  stories,”  says 
Willis. 

That  scenario  is  probably  a  year  or 
two  away,  predicts  John  Stantial,  UTC’s 
director  of  financial  reporting,  since  the 
SEC  currently  does  not  accept  XBRL 
reports  as  the  official  filing  (they  can  be 
filed  in  addition  as  part  of  a  testing  pro¬ 
gram).  In  the  meantime,  companies  can 
use  XBRL  and  convert  the  data  to  the  SEC’s  official  format. 

Stantial  believes  an  XBRL-based  reporting  workflow  would 
reduce  the  time  to  produce  quarterly  reports  by  20  percent, 
because  the  tagged  data  would  let  the  reporting  systems  automati¬ 
cally  update  the  financials.  Stantial  says  that  companies  like  UTC 
typically  spend  one  to  three  weeks  per  report  on  all  sorts  of  govern¬ 
ment-required  information,  such  as  labor  statistics,  unemployment 
statistics  and  tax  reporting.  “With  XBRL,  I  could  push  a  button  and 
get  that  in  five  minutes,”  he  says. 

The  SEC  is  spending  $54  million  to  make  its  electronic  Edgar 
reporting  system  XBRL-capable,  and  the  effort  to  complete  the  stan¬ 
dard  SEC  reporting  taxonomies  should  be  done  by  June,  so  Stantial 
speculates  that  XBRL-based  reporting  will  begin  by  2008.  (Gartner 
has  made  similar  predictions.)  And  he  expects  the  Department  of 
Labor  and  the  IRS  to  follow  suit. 

Beyond  making  reporting  easier,  XBRL  will  improve  internal 
visibility  into  company  financials,  Stantial  predicts.  Although  UTC 
has  a  fast,  five-day  close  with  standard  processes,  there’s  still  room 
for  interpretation  in  what’s  reported.  For  example,  an  executive 
may  want  to  know  the  operating  expenses  as  a  percentage  of  sales 
for  all  UTC’s  major  locations.  But  “operating  expenses”  could  be 
interpreted  differently.  Plus,  it  can  take  several  days  to  respond  to 

requests,  and  the  answers  may  come  back 
in  different  forms,  such  as  e-mails  and  Excel 
spreadsheets,  that  must  then  be  consolidated 
manually.  But  if  the  various  general  ledgers 
and  ERP  systems  in  use  throughout  UTC’s 
subsidiaries  were  XBRL-enabled,  Stantial 
wouldn’t  have  to  wait  for  the  financial  data 


It’s  All  About  the  Money 


Learn  more  about  the  CF0-CI0  RELATIONSHIP, 
and  WHAT  CIOS  SHOULD  KNOW  ABOUT 
FINANCE  in  our  special  Money  Issue  at 
www.cio.com/money. 

cio.com 


44  MARCH  15,  2007  |  www.cio.com 


PHOTO  BY  STEVEN  VOTE 


to  be  prepared  in  UTC’s  standard  format;  XBRL  makes  it  automati¬ 
cally  accessible. 

Several  commercial  tools  now  come  with  XBRL  capabilities, 
including  Hyperion  Financial  Management,  Oracle  Financials  and 
Cartesis.  Willis  and  Stantial  expect  XBRL  capability  to  be  built  into 
most  commercial  financial  applications  as  they  are  upgraded. 

“XBRL  is  not  expensive,  and  it’s  not  technical;  it’s  all  there  for 
a  layperson.  And  there’s  a  very  impressive  support  network  out 
there,”  Stantial  says,  which  is  why  he’s  frustrated  that  few  compa¬ 
nies  have  adopted  it.  Most  view  XBRL  simply  as  a  new  data  format 
that  no  one  is  required  to  use,  so  why  spend  time  looking  into  it? 

But  there  are  signs  of  increasing  interest.  “Usage  picked  up 
substantially  in  2006,”  says  Jeff  Naumann,  an  SEC  technology 
specialist.  He  suspects  that  XBRL’s  release  around  the  time  of  Sar- 
banes-Oxley  doomed  it  to  the  back  burner  for  the  past  two  years. 

GO  FAST  FOR  THE  RIGHT  REASONS 

A  faster  close  is  a  good  indicator  of  successful  financial  processes, 
says  PricewaterhouseCoopers’  Harries.  But  going  faster  for  its  own 
sake  should  not  become  an  enterprise  goal.  “If  you  improve  quality 
and  cost,  [speed]  usually  improves,  but  if  you  drive  for  [speed],  the 
others  may  not  improve,”  he  says. 

“When  we  think  about  closing,  quality  comes  first,”  says  Dow 
Chemical  CIO  David  Kepler. 

“In  no  way  should  speed  ever  sacrifice  quality.  If  there’s  one 


“In  no  way  should  speed  ever 
sacrifice  quality.  Ifthere’sone 
lesson  learned  over  the  last 
several  years,  it’s  that  the  integrity 
of  financial  reporting 
is  paramount.” 

-PETER  HARRIES,  PRICEWATERHOUSECOOPERS 

lesson  learned  over  the  last  several  years,  it’s  that  the  integrity  of 
financial  reporting  is  paramount,”  concurs  Harries. 

“Garbage  in,  garbage  out,”  warns  KPMG’s  Kuehn. 

When  it  comes  to  a  fast  close,  the  bottom  line  is  to  empower 
companies  with  trustworthy,  current  information.  “Yes,  we  close 
faster  today,  but  what  we  really  did  is  to  get  information  to  people 
faster,”  says  Kepler,  drawing  an  important  distinction  for  all  CIOs 
and  enterprises  chasing  the  faster  close.  BQ 


Galen  Gruman  is  a  California-based  freelancer.  To  comment  on  this  article, 
go  to  the  online  version  at  www.cio.com/031507. 


Atlantic  Canada 


Newfoundland 
and  Labrador 


Canada 


of  foreign  companies  who  operate  here  say  that  Atlantic  Canada  meets 
or  exceeds  expectations. 

of  companies  in  the  customer  contact  field  say  the  quality  of  our  workforce 
is  better  than  or  superior  to  other  locations. 

of  Atlantic  Canada  foreign-owned  companies  would  recommend  our  region 
for  business  expansion  and  investment. 


New  Brunswick 


Prince  Fa?  ward  Island 


Nova  Scotia 


lada  has  a  highly  educated  work  force,  a  lower  cost  of  living  and  easy  access 
)  both  North  America  and  Europe.  It  all  adds  up  to  a  profitable  place  to  do  f 
r  the  complete  story,  visit  www.investatlanticcanada.com.  A 


A  profitable  place  to  do  business. 

www.investatlanticcanada.com 


HALIFAX,  NOVA  SCOTA  • 


1 

HIMMIIII  V 

HIHIlHIl  KI 

IMMMIHI  Hi 

MHilillh  i 

"'W 

Mimiuii  i  i»tli 

Staffing 


Your 


CIOs  need  to  take  an  active  role  in  recruiting  IT  talent.  But  before 
you  set  out  to  solve  the  staffing  puzzle,  know  the  answers  to 

these  7 critical  questions.  BY  STEPHANIE  overby 


Reader  ROI 

::  Why  you  need  a 
recruiting  framework 

::  How  to  woo 
candidates  from 
the  business 

::  Tips  for  calculating 
compensation 


It's  starting  to  feel  like  1999  all  over  again  for  Alan  Boehme,  the 

year  the  dotcom/digital  economy  hit  its  high-water  mark  and  the  IT  job  market  peaked. 
On  the  one  hand,  that’s  a  good  thing.  “IT  is  in  vogue  again,”  says  Boehme,  CIO  of  Juniper 
Networks.  “It  is  not  just  for  cost-cutting.  It’s  seen  as  key  to  growth.” 

On  the  other  hand,  it’s  a  nightmare.  Growing  on  average  by  12  percent  year  over  year, 
the  $2  billion  company’s  appetite  for  business-enabling  IT  systems  is  insatiable.  And  so 
is  Boehme’s  need  for  IT  staff.  His  hiring  activity  picked  up  about  30  percent  last  year, 
when  he  had  60  open  positions.  The  market  for  tech  talent  is  increasingly  competitive, 
says  Boehme,  particularly  where  he  sits  in  Silicon  Valley. 

Boehme’s  experience  is  borne  out  by  the  numbers.  Nearly  two-thirds  of  CIOs  who 
had  staffing  forecasts  projected  an  increase  in  headcount,  according  to  Gartner’s  2006 
“IT  Market  Compensation  Study.”  Of  those,  almost  19  percent  anticipated  an  uptick  of 
10  percent  or  more,  compared  with  5.2  percent  in  2004  and  17.9  percent  in  2005.  Overall 
employment  in  the  tech  sector  has  increased  since  the  second  quarter  of 2005  and  is  now 
at  its  highest  level  in  four  years,  nearly  matching  prerecession  IT  employment  highs, 
according  to  Forrester  Research.  A  tightening  labor  market  may  be  good  for  technology 
workers,  but  it’s  a  challenge  for  CIOs. 

“The  recent  upturn  has  presented  IT  professionals  with  more  options  and  differing  expec¬ 
tations,”  says  Samuel  Bright,  Forrester’s  IT  staffing  and  careers  analyst.  “It  forces  enterprise 


46  MARCH  15,  2007  |  www.cio.com 


ILLUSTRATION  BY  JIM  FRAZIER 


Staffing 


IT  not  only  to  compete  with  other  enterprise  IT  shops  but  also  con¬ 
sulting  firms,  outsourcers  and  technology  vendors  for  the  same  pool 
of  IT  talent.”  Like  it  or  not,  enterprise  IT  is  not  as  glamorous  as  work¬ 
ing  for  Google.  ‘As  a  result,”  Bright  says,  “CIOs  have  to  take  a  more 
strategic  approach  when  it  comes  to  recruiting.” 

IT  executives  can  no  longer  afford  to  delegate  staffing  to  the  back 
burner.  It  takes  the  right  people  with  the  right  skills  to  help  IT  fulfill 
its  mission.  But  where  to  begin?  Right  here,  with  answers  to  some  of 
the  most  pressing  recruitment  concerns  CIOs  face  today. 

IMost  IT  recruiting  is  done  by  HR  and  middle 
management.  What's  my  role? 

Penske’s  Stephen  Pickett  likens  his  role  in  IT  recruiting  to  that 
of  the  coach  in  college  athletics.  “The  CIO  should  be  the  chief 
sales  and  marketing  executive  for  IT  recruiting,”  says  Pickett, 
vice  president  and  CIO  of  the  transportation  company. 

“They  are  the  ones  that  sell  the  future.” 

First,  the  CIO  needs  to  provide  the  recruit¬ 
ing  framework  for  the  IT  organization.  “They 
should  focus  on  more  than  headcount,”  says 
Bright.  “The  CIO  has  to  articulate  a  vision.” 

At  the  strategic  level,  IT  leaders  should  focus 
on  identifying  key  positions  and  building 
competency  models  for  them.  They  also  must 
make  sure  high-level  recruiting  strategy  trans¬ 
lates  into  frontline  action  by  hiring  managers. 

Unfortunately,  CIOs  tend  to  spend  more  time 
managing  up  than  managing  down.  But  smart 
IT  leaders  invest  time  in  things  like  skip-level 
meetings  with  the  direct  reports  of  their  direct 
reports  and  reviewing  recruiting  metrics  (vol¬ 
ume  of  incoming  resumes,  number  of  candi¬ 
dates  being  interviewed,  turnover  rates)  to 


make  sure  their  vision  becomes  reality. 

It’s  the  CIO’s  job  to  make  other  strategic  staffing  decisions  as 
well.  For  Boehme,  that  means  figuring  out  the  best  use  of  hiring 
bucks.  “More  than  ever  you  find  yourself  managing  dollars,  not 
headcount,”  Boehme  explains.  “I  have  to  consider  all  my  options. 
Should  I  hire  four  people  in  India?  One  person  in  the  U.S.  or 
Europe?  Two  contractors  instead?” 

Perhaps  the  most  important  role  the  CIO  has  is  lobbying  the 
business  for  recruiting  support.  Alastair  Behenna,  CIO  for  U.K.- 
based  staffing  firm  Harvey  Nash,  says  his  job  is  “going  to  battle 
for  headcount,  salary  reviews  and  benefits.”  That’s  something  IT 
leaders  could  stand  to  do  more  of,  says  David  Foote,  president  and 
chief  research  officer  for  Foote  Partners,  a  workforce  management 
research  firm  based  in  New  Canaan,  Conn. 

“When  CIOs  look  ahead  and  think  about  what’s  going  to  make 
them  successful  in  their  jobs,  deep  down  most  of  them  know  it’s 
successful  staffing.  But  they  don’t  have  the  guts  to  fight  for  what 
they  need,”  says  Foote.  “Most  CIOs  aren’t  looking  at  the  staffing 
problem  in  a  portfolio  kind  of  way.  They  wouldn’t  let  their  systems 
deteriorate  the  way  they’ve  let  their  staffing  situations  decline. 
They’re  putting  themselves  at  risk.” 


Business  skills  are  critical  today.  Should  1 
poach  job  candidates  from  the  business? 

According  to  a  recent  Robert  Half  Technology  survey,  41  percent 
of  CIOs  place  a  greater  emphasis  on  business  fundamentals  when 
evaluating  candidates  than  they  did  five  years  ago.  So  it  only  makes 
sense  that  the  CIO  recruit  IT  staffers  from  the  business. 

If  only  it  were  that  simple. 

Consider  the  issue  of  rotation  programs.  Forrester  recently 
examined  IT-business  rotation  from  three  angles:  rotating 
employees  through  different  jobs  within  IT,  moving  businesspeo¬ 
ple  into  IT  and  moving  IT  employees  into  the  business.  A  survey 
of  281  IT  leaders  revealed  that  they  were  quite  good  at  job  rotation 
within  IT.  However,  only  12  percent  of  respondents  were  sending 
IT  employees  to  the  business,  and  just  7  percent  were  bringing 
business  workers  into  IT. 

^  Rotation  programs  “require  CIOs  to  make  a  credible 

case  from  two  angles,”  says  Forrester’s  Bright.  They 
have  to  prove  that  if  IT  workers  go  to  the  busi¬ 
ness,  there  will  be  a  measurable  improvement 
in  IT  performance;  they  also  must  show  that 
a  businessperson  who  spends  time  in  IT  will 
bring  value  back  to  the  business.  The  latter 
is  the  harder  argument  to  make— impossible 
even,  in  organizations  where  IT  isn’t  valued, 
Bright  says. 

Nonetheless,  it’s  good  practice  to  create 
career  development  paths  that  cross  back  and 
forth  between  IT  and  the  business.  “Some  com¬ 
panies  have  internship  programs  that  include 
a  rotation  into  the  business,”  says  Diane  Berry, 
managing  vice  president  of  Gartner’s  human 
capital  management  content  development 
group.  Permanent  job  transfers  from  the  busi¬ 


ness  to  IT  can  be  a  byproduct  of  successful 
rotation  programs.  “A  businessperson  spends  some  time  in  IT,  sees 
value  in  the  role  and  wants  to  stay,”  says  Bright. 

Blatantly  poaching  employees  from  other  departments  is  risky 
business.  If  you  steal  high  performers,  you’re  not  exactly  setting 
yourself  up  for  a  good  partnership.  If  you  do  plan  to  recruit  from 
the  business,  try  hiring  those  who  have  expressed  an  interest  in 
switching  to  an  IT  career. 

“The  argument  there  is  that  the  other  department  within  your 
company  would  lose  the  employee  anyway,  so  it  is  preferable  to 
lose  him  or  her  to  an  internal  department,”  says  Katherine  Spen¬ 
cer  Lee,  executive  director  for  Robert  Half  Technology.  Just  make 
sure  you  consult  with  managers  from  the  affected  departments 
before  making  a  move. 

Of  course,  not  everyone  working  on  the  business  side  of  the 
house  will  make  a  valuable  addition  to  IT.  “It  depends  on  what 
part  of  the  business  they  come  from  and  what  role  they  played,” 
says  Larry  Bonfante,  CIO  of  the  U.S.  Tennis  Association.  “It  helps 
if  they  have  some  process  discipline  or  at  least  an  appreciation  of 
how  technology  works.” 

The  symbiotic  give-and-take  of  workers  between  IT  and  the  busi- 


"The  CW 
should  be  the 
chief  sales 
and  marketing 
executive  for 
IT  recruiting. 
They  are  the 
ones  that  sell 
the  future." 

-Penske  CIO  Stephen  Pickett 


48  MARCH  15,  2007  |  www.cio.com 


now 


lets  you  talk  and 
work  simultaneously. 


Take  multitasking  to  the  next  level.  Introducing  the  Palm®  Treo™  750 
smart  device.  Only  Cingular's  broadband  technology  lets  you  talk  and 
download  data  at  the  same  time.  Plus,  send  and  receive  data  at 
broadband  speeds  with  the  familiar  functionality  of  Windows  Mobile.® 
Do  business  faster  with  now. 


>  Talk,  browse  the  Web,  and  download  data  simultaneously  on 
Cingular's  3G  wireless  network. 

>  Easy-to-use  Palm  innovations  integrated  with  Windows 
Mobile®  5.0,  such  as  picture  dialing  directly  from  the 
Today  screen. 

>  Supports  a  suite  of  email  applications  including  Microsoft 
Direct  Push,  Xpress  Mail,  and  Good™  Mobile  Messaging. 

>  Broadest  global  connectivity  of  any  U.S.  wireless  provider 
with  data  access  in  more  than  115  countries  and  voice  roaming 
in  more  than  185. 


Treo  750 

Exclusively  from  Cingular 

SAVE  $100 

after  $100  in  mail-in  rebate  debit 
cards  with  2-year  service  agreement 


Call  1-866-4CWS-B2B  Click  www.cingular.com/treo750  Visit  your  nearest  Cingular  store 

overage  is  not  available  in  all  areas.  Limited-time  offer.  Other  conditions  and  restrictions  apply.  See  contract  and  rate  plan  brochure  for  details.  Subscriber  must  live  and  have  a  mailing  address  within  Cingular's 
wned  network  coverage  area.  Up  to  $36  activation  fee  applies.  Offer  available  at  participating  locations.  Early  Termination  Fee:  None  if  cancelled  in  the  first  30  days;  thereafter  $175.  Some  agents  impose  additional 
es.  Unlimited  voice  services:  Unlimited  voice  services  are  provided  solely  for  live  dialog  between  two  individuals.  Offnet  Usage:  If  your  minutes  of  use  (including  unlimited  services)  on  other  carriers'  networks 
offnet  usage'l  during  any  two  consecutive  months  exceed  your  offnet  usage  allowance,  Cingular  may  at  its  option  terminate  your  service,  deny  your  continued  use  of  other  carriers’  coverage,  or  change  your  plan  to  one 
iposing  usage  charges  for  offnet  usage.  Your  offnet  usage  allowance  is  equal  to  the  lesser  of  750  minutes  or  40%  of  the  Anytime  minutes  included  with  your  plan.  Rebate  Debit  Card:  Price  before  mail-in  rebate  debit 
irds  is  $499.99.  Allow  10-12  weeks  for  rebate  debit  card.  Rebate  debit  card  not  available  at  all  locations.  Must  be  customer  for  30  consecutive  days.  Must  be  postmarked  by  4/30/07.  Sales  tax  calculated  based  on  price  of 
lactivated  equipment  Certain  email  systems  may  require  additional  hardware  and/or  software  to  access.  The  Windows  logo  and  Windows  Mobile  are  either  registered  trademarks  or  trademarks  of  Microsoft  Corporation 
the  United  States  and/or  other  countries.  ©2007  Palm,  Inc.  All  rights  reserved.  Palm  and  Treo  are  among  the  trademarks  or  registered  trademarks  owned  by  or  licensed  to  Palm,  Inc.  All  other  brand  and  product 
ames  are  or  may  be  trademarks  of,  and  are  used  to  identify  products  or  services  of,  their  respective  owners.  ©2007  AT&T  Knowledge  Ventures.  All  rights  reserved.  AT&T,  AT&T  logo,  Cingular,  and  Cingular  logos  are 
ademarks  of  AT&T  Knowledge  Ventures  and/or  AT&T  affiliated  companies. 


Staffing 


The  alphabet  soup  of  SOX,  COBIT,  and  ISO  is  connected  to 

is  connected  to 

! 

is  connected  to 


ness— “talent  alignment,”  Bright  calls  it— is  the  ideal  state. 

To  achieve  it,  though,  takes  time.  Behenna  of  Harvey  Nash  is 
working  toward  that  by  “demonstrating  where  joint  ventures 
result  in  joint  benefits:  joint  projects,  initiatives,  objectives, 
strategy.  Don’t  ask.  Give.  Once  you’ve  gained  acceptance  as 
enablers,  the  job  is  half  done.” 

Tin  facing  a  mountain  of  open  reqs. 

Should  I  enlist  the  help  of  a  third-party 
recruiter  or  beef  up  internal  recruiting  resources? 

Enlist  all  the  help  you  can. 

Internal  HR  resources  can  be  a  great  help,  particularly  when 
you’re  desperately  seeking  talented  employees  to  plug  sudden 
vacancies.  But  an  HR  generalist  may  not  be  enough,  as  his  knowl¬ 
edge  of  IT-specific  needs  is  likely  limited.  Many  CIOs  have  seen 
value  in  hiring  an  HR  resource  specifically  for  the  IT  department 
or  a  corporate  resource  that  is  dedicated— at  least  part-time— to 
technology  recruiting,  hiring  and  retention.  In  smaller  companies 
where  that  may  not  be  feasible,  extra  communication  and  due 
diligence  when  working  with  HR  are  key. 

“If  this  is  a  short-term  need  to  catch  up,  it  might  make  sense  to 
bring  in  a  third-party  recruiter,”  says  Gartner’s  Berry.  “Many  folks 
may  want  to  keep  the  more  strategic  side  of  HR  within  the  organiza¬ 
tion  and  outsource  the  more  tactical  work.”  Making  the  best  use  of 


■ 


mm 


external  recruiters  takes  some  extra  effort  as  well.  “It’s 
very  important  that  you  get  a  good  recruiter  that  under¬ 
stands  your  enterprise,  IT  organization,  culture  and  the 
jobs  for  which  you  are  recruiting,”  says  Berry.  “They  will 
be  your  face  to  candidates.” 

That  means  you  and  your  hiring  managers  must  work 
to  keep  third-party  recruiters  in  the  loop  on  staffing  strat¬ 
egy  and  needs.  Penske  CIO  Pickett,  a  former  president 
of  the  Society  for  Information  Managers  (SIM),  says  a 
lot  of  CIOs  in  that  organization  use  external  help  for  filling 
high-level  roles.  “But  for  most  positions  the  use  of  internal  staff  that 
understands  internal  desires  works  best,”  he  says. 

The  holy  grail  is  just-in-time  hiring.  Working  closely  with  HR 
experts  (not  just  when  you  need  them,  but  long  before  you  do)  will 
help  you  develop  and  maintain  a  solid  network  of  potential  hires 
and  help  avoid  a  mad  scramble  just  to  fill  a  spot. 

4  When  I  have  an  opening,  should  I  promote 
from  within  or  look  outside  the  company? 

There’s  no  right  answer.  “By  hiring  from  within,  you  demonstrate 
to  employees  that  they  can  move  up  within  your  company  and  can 
shorten  transition  time,”  says  Spencer  Lee  of  Robert  Half  Technol¬ 
ogy.  “By  hiring  external  candidates,  you  bring  a  different  perspec¬ 
tive  to  the  organization.” 


Software  that  makes  compliance  more  manageable.  Aligning  IT  with  today’s  compliance  regulations  is  complicated 
and  costly.  We  understand  this  better  than  anyone.  Our  software  distills  the  most  common  compliance  regulations  and  business 
processes  into  clear,  actionable  IT  policies.  Our  Global  Services  team  then  works  for  you-from  assessment  to  implementation- 
to  provide  a  solution  that’s  tailored  to  your  needs.  For  a  better  view  of  compliance,  visit  symantec.com/confidence 


©  2007  Symantec  Corporation.  All  rights  reserved.  Symantec  and  the  Symantec  Logo  are  registered  trademarks  of  Symantec  Corporation. 


Staffing 


Your  tactics  may  depend,  in  part,  on  organizational  culture. 
“There  are  some  great  companies  that  only  hire  at  the  entry  level. 
It  creates  a  very  strong  culture  because  they  only  promote  from 
within.  That  creates  strong  loyalty,”  says  Berry.  “On  the  flip  side, 
I  think  you  lose  [out  on]  new  ideas.” 

The  real  problem  today  is  that  most  CIOs  don’t  have  the  option. 
“They  haven’t  done  a  lot  of  staff  development,”  says  Forrester’s 
Bright.  “So  they’re  at  the  mercy  of  the  market.”  That  costs  IT 
more  than  just  dollars  and  cents.  Consider  a  company  that  has 
five  enterprise  architects  but  needs  five  more  and  has  no  one  ready 
to  move  into  the  role.  “They  may  not  have  any  trouble  finding 
someone  outside  and  paying  a  20  percent  premium  for  them.  But 
that  means  the  people  you  have  inside,  who  may  be  more  talented, 
are  now  being  paid  less,”  says  Foote.  “You  end  up  with  all  kinds  of 
internal  issues.  It  kills  CIOs.” 

It’s  a  tough  balancing  act.  “Even  if  there  is  no  ‘obvious  candi¬ 
date’  inside  the  company,  I  try  and  see  if  we  can  shape  someone,” 
says  Behenna.  “If  I  have  nobody,  then  I  put  the 
requirements  out.  There  are  times  when  a  fresh 
injection  of  talent  can  make  a  huge  leap  in  pro¬ 
ductivity  or  direction.” 

When  a  position  is  awarded,  be  transparent 
about  how  the  decision  was  made  (without  vio¬ 
lating  any  privacy  concerns).  That’s  because  a 


big  concern  for  today’s  IT  professional  is  his  career  path.  As  IT 
staffing  needs  have  shifted,  career  paths  have  become  fuzzier.  Smart 
CIOs  will  attempt  to  make  career  progression  less  of  a  mystery  and 
work  with  employees  on  individual  career  development  plans.  IT 
workers  are  more  likely  to  walk  out  because  they  see  no  opportuni¬ 
ties  for  advancement  than  for  any  other  reason,  according  to  Hud¬ 
son  Highland  Group’s  “2005  Retention  Initiatives  Report.” 

How  can  I  figure  out  what  compensation 
is  fair? 

With  all  the  ambiguity  around  job  titles  and  responsibilities, 
figuring  out  attractive— or  just  plain  fair— compensation  can  be 
tough.  But  if  you  can’t  pull  it  off,  talented  employees  can  (and  will) 
follow  the  money  elsewhere. 

IT  salaries  are  expected  to  rise  across  the  board  this  year,  between 
2.8  percent  and  4  percent  (depending  on  which  report  you  believe). 
The  starting  salary  of  a  project  manager  is  expected  to  rise  4.1  percent 
in  2007  to  a  range  of  $72,750  to  $106,250,  accord¬ 
ing  to  Robert  Half  Technology’s  “2007  Salary 
Guide.”  Application  architects  will  see  starting 
salaries  rise  4  percent  (ranging  from  $80,000  to 
$112,750),  while  IT  auditors  will  earn  3.1  percent 
more  in  2007  (a  range  of  $69,250  to  $97,000). 
Those  with  skills  in  service-oriented  architecture 


Recruiting  Refresher 


For  more  advice  from  CIOs  about 

I.T.  RECRUITING,  read  a  special 
report  at  www.cio.com/abcs. 

cio.com 


untold  stress  on  the  CEO,  CFO,  and  CIO 


www.symantec.com/vlsion 

Symantec  Vision  2007 

June  12-14,  2007  |  The  Venetian  |  Las  Vegas,  Nevada,  U.S.A. 


the  call  for  a  clear  compliance  strategy  by  EOD 


the  one  solution  for  defining,  controlling,  and  governing 
your  IT  policy  compliance  ASAP. 


^  Symantec 


Confidence  in  a  connected  world. 


Staffing 


(SOA),  business  process  reengineering  and  project  management, 
where  demand  for  workers  outstrips  supply,  may  see  double-digit 
salary  growth. 

The  standard  method  for  figuring  out  how  to  compensate  some¬ 
one  for  a  particular  role  is  to  begin  by  looking  at  salary  surveys. 
One  problem,  says  Gartner’s  Berry,  is  that  IT  organizations  aren’t 
benchmarking  salaries  regularly  enough  or  are  using  unreliable 
sources  of  data.  Another  issue  is  that  surveys  are  often  tied  to 
job  titles.  And  titles  may  not  reflect  an  IT  hire’s  full  responsibili¬ 
ties  anymore.  In  today’s  IT  department,  those  responsibilities  can 
change  quickly  and  often. 

“A  lot  of  the  roles  I  want  to  fill  are  evolutionary— and  increas¬ 
ingly,  revolutionary,”  says  Behenna,  who  estimates  his  IT  hiring 
will  increase  by  30  percent  from  last  year.  “So  there  is 
no  absolute  reference  point.”  In  a  worst  case, 
workers  may  find  themselves  seriously 
undercompensated  for  the  work  they’re 
doing,  even  though  their  salary  is  in  line 
with  their  title.  That  leads  to  tension,  resent¬ 
ment  and,  ultimately,  to  valuable  employ¬ 
ees  being  “ripe  for  the  picking  by  executive 
recruiters,”  says  Foote. 

Foote  Partners  has  found  that  most 
employers  address  this  conundrum  by 
tying  base  pay  to  the  dominant  skills  or  role 
and  incorporating  additional  compensation 
for  the  ancillary  work  and  skills  that  are 
also  part  of  the  job.  In  setting  pay,  Behenna 
browses  job  boards  for  job  descriptions  and 
pay  rates,  discusses  salaries  with  peers  and 
invites  his  direct  reports  to  research  com¬ 
pensation.  “I  have  to  be  a  little  creative,”  he 
says.  “It’s  a  manual  process,  but  it  works.” 

Just  as  important  as  doing  the  compensa¬ 
tion  research  is  making  sure  employees  know 
you’re  doing  it.  “It’s  PR  for  the  IT  organization 
that  the  company  is  keeping  abreast  of  what 
the  market  is  paying,”  says  Gartner’s  Berry. 

Wouldn't  it  be  a  better  investment  to  focus  on 
retention  rather  than  recruiting? 

It  certainly  costs  plenty  to  recruit  and  train  a  new  employee.  You 
may  ultimately  end  up  paying  as  much  as  100  percent  of  a  depart¬ 
ing  employee’s  salary  or  more,  just  to  get  a  replacement  up  and 
running,  according  to  Berry.  Then  again,  100  percent  retention  is 
a  bad  idea  too.  Too  little  turnover  “will  limit  the  amount  you  can 
learn  from  the  outside,”  says  Tim  Bosse,  executive  vice  president 
for  professional  staffing  company  Hudson  IT  &  Telecommunica¬ 
tions.  It  can  also  lead  to  a  clogging  at  the  top  and  a  lack  of  entry- 
level  positions  at  the  bottom. 

IT  leaders  should  instead  strike  a  balance  between  recruiting 
and  retention  efforts.  Add  “roles”  and  “rotation”  to  the  list  and  you 
have  the  four  R’s  of  staffing,  says  Forrester’s  Bright.  And  they’re 
all  interrelated.  Yet  Bright  says  he  can  count  on  one  hand  the  num¬ 


ber  of  IT  leaders  who  keep  continuous  focus  on  all  of  them.  “It’s 
amazing  the  lengths  people  will  go  to  avoid  having  to  create  a  fully 
fleshed-out  talent  management  strategy,”  says  Bright.  “They  focus 
on  one  area  only  after  it’s  starting  to  cause  problems.” 

There  will  be  seasonal  or  cyclical  reasons  to  focus  on  one  piece 
of  the  staffing  puzzle  more  than  another.  But  generally  speaking, 
the  key  to  success  is  to  be  proactive  about  managing  the  entire 
staffing  spectrum.  “You  can’t  tackle  any  of  these  issues  in  a  vac¬ 
uum,”  says  Bright. 

Can  I  skip  these  recruiting  headaches  by 
outsourcing  more  of  my  shop's  work? 

Nice  try.  But  if  you  think  you  can  insulate  yourself  from  personnel 
problems,  decisions  and  strategy  by  outsourcing,  you’re 
sadly  mistaken.  You  still  have  to  roll  up  your 
sleeves  and  get  involved.  Otherwise,  such 
arrangements  are  doomed  to  failure. 

Mary  Lacity,  professor  of  information 
systems  at  the  University  of  Missouri- 
St.  Louis,  has  studied  outsourcing  best 
practices.  She  notes  that  with  successful 
domestic  outsourcing  relationships,  cli¬ 
ents  review  the  resumes  of  their  suppli¬ 
er’s  employees  before  they  are  assigned 
to  their  delivery  team.  And  when  it 
comes  to  a  successful  offshore  outsourc¬ 
ing  arrangement,  clients  often  personally 
interview  each  potential  offshore-sup¬ 
plier  team  member. 

If  you  move  to  a  more  outsourced 
model,  you’ll  also  inherit  another  set  of 
recruiting  headaches:  hiring  someone  to 
manage  it.  “You’ll  have  to  find  the  rare, 
but  valuable  candidates  who  have  expe¬ 
rience  managing  vendors  and  outsourc¬ 
ers,  negotiation  skills,  contract  and  SLA 
management  experience— skills  a  lot  of 
people  in  IT  may  not  have.  Or  want,”  says  Laurie  Orlov,  vice  presi¬ 
dent  and  principal  analyst  for  Forrester  Research.  And,  as  anyone 
who’s  done  significant  outsourcing  knows,  it’s  never  long  before 
any  HR  problems  your  supplier  has  trickle  down  to  you.  “A  lot 
of  the  complaints  you  hear  from  people  who  have  outsourced  is 
actually  disappointment  in  the  level  of  quality  of  the  outsourcers’ 
staff,”  says  Orlov. 

An  outsourcing  decision  might  be  made  in  part  due  to  staffing 
concerns.  “Some  companies  may  outsource  their  legacy  systems 
because  they  want  to  reduce  the  risk  of  being  exposed  should  their 
baby  boomers  leave,”  says  Gartner’s  Berry.  But  an  outsourcing 
decision  should  never  be  made  with  the  idea  of  removing  all  risk 
or  responsibility  for  something— recruiting  or  otherwise.  The 
work  may  move;  responsibility  stays.  GEl 


Senior  Editor  Stephanie  Overby  can  be  reached  at  soverby@cio.com.  To 
comment  on  this  article,  go  to  the  online  version  at  www.cio.com/031507. 


52  MARCH  15,  2007  |  www.cio.com 


01 

A*. 


o 

^  y  * 

0 ! 


DATA  STORAGE  IS  ONLY  OVERWHELMING 
WHEN  YOU'RE  NOT  IN  CONTROL. 


Managing  data  growth  and  where  to  store  it  doesn't  have  to  make  you  run  and  hide.  The  HP 
StorageWorks  600  All-in-One  Storage  System,  powered  by  the  Dual-Core* 1  Intel®  Xeon®  processor, 
provides  integrated  file  serving,  data  protection  features  and  application  data  storage,  all  in  an 
affordable  single  system.  Now  you  can  tame  your  data,  simplify  storage,  and  set  I.T.  free. 


mM  ■ 

mk m 

fm&m 

■4c  .  '  fe.* 


The  HP  StorageWorks  600 
All-in-One  Storage  System 


We 


See  it  now  at  hp.com/go/tameyourdata2 
Call  1  <800-888-0306 


i  ??/>•*! 


I  Dual-Core  is  a  new  technology  designed  to  improve  performance  of  multithreaded  software  products  and  hardware-aware  multitasking  operating  systems  and  may  require  appropriate  operating  system  software  for  full  benefit;  check  with 
I  ftware  provider  to  determine  suitability;  not  all  customers  or  software  applications  will  necessarily  benefit  from  use  of  this  technology.  Intel’s  numbering  is  not  a  measurement  of  higher  performance.  Intel,  Intel  logo,  Intel  Inside,  Intel  Inside  logo 
l  d  Intel  Xeon  are  trademarks  or  registered  trademarks  of  Intel  Corporation  or  its  subsidiaries  in  the  United  States  and  other  countries.  L.P.  Microsoft  and  Windows  are  registered  trademarks  of  Microsoft  Corporation  in  the  United  States  and/or 

I  ler  countries.  ©2007  Hewlett-Packard  Development  Company,  L.P.  The  information  contained  herein  is  subject  to  change  without  notice. 


View  from  the  Top 


Director  of 
the  Defense 
Logistics  Agency, 

Li.  Gen. 
Robert  Dail, 

is  pushing 
wireless  ERP 
access  to  the 
front  lines. 


As  the  U.S.  marks  the  start  of  its  fifth 
year  in  Iraq,  Lt.  Gen.  Robert  Dail, 

director  of  the  Defense  Logistics 
Agency,  is  placing  IT  atthecoreof  his 
strategy  to  end  the  snafus  and  make 
the  military  supply  organization 
more  responsive  to  the  troops 


BY  ALLAN  HOLMES 

s  more  troops  arrive  in  Iraq,  it  is  up  to 
Lt.  Gen.  Robert  Dail  to  make  sure  they 
have  enough  boots,  fuel  and  guns. 

Dail  is  director  of  the  Defense 

H 

Logistics  Agency  (DLA),  which 
provides  supplies  and  logistics  ser¬ 
vices  to  the  military.  When 
he  took  the  job  seven  months 
ago,  the  dust  had  barely  cleared  from  critiques  of  the  agency’s  compe¬ 
tence  during  the  early  days  of  the  Iraq  and  Afghanistan  wars,  when  it 
had  failed  to  deliver  crucial  supplies  such  as  generators,  tires  and  food 
to  the  soldiers.  The  DLA  also  had  been  criticized  by  the  Government 
Accountability  Office  for  lax  information  security  practices,  including 
failure  to  assess  system  security  risks. 

The  first  component  of  a  new  ERP  system  had  recently  been  phased 
in,  connecting  the  agency’s  40,000-plus  suppliers  to  its  three  major 
inventory  management  centers  in  Philadelphia;  Columbus,  Ohio;  and 
Richmond,  Va„  along  with  many  key  sites  around  the  globe.  The  system 
was  designed  to  moi'e  efficiently  manage  supplies,  demand  and  supply 


SUPPLIES 
DEMAND 


54  MARCH  15,  2007  |  www.cio.com 


PHOTOS  BY  CLAUDIO  VAZQUEZ 


ADVERTISEMENT 


' 


Performance,  Reliability, 
System  Health 

Strategic  IT  Approaches  to  Business  Growth 


You  think  strategically  about  supply  chain 
management  SO  A,  virtualization  and  so  on.  But 
are  you  thinking  strategically  about  the 
performance  reliability  and  health  of  the  systems 
your  business  depends  on? 

At  the  very  core  of  business  activity  are  the  systems  and 
processes  used  to  achieve  day-to-day  production.  Any 
stop,  slow  or  difficulty  on  this  line  is  unacceptable  in 
achieving  business  goals. 

With  strategic  projects  looming  on  the  horizon,  IT 
cannot  afford  to  be  stuck  in  "break-fix"  mode,  handling 
user  help  desk  calls  and  doing  simple  manual 
maintenance  tasks  just  to  keep  productivity  going.  With 
the  shortage  in  IT  staff,  the  ones  you  have  need  to  be 
utilized  to  complete  your  projects. 

A  more  strategic  approach  to  system 
performance  and  reliability  is  needed. 

Increase  user  productivity. 

A  slow  system  equals  lost  productivity.  Even  waiting  5 
extra  seconds  every  time  users  open  a  Word  document 
can  cause  hundreds  of  hours  in  lost  production. 
Perform  automatic,  real-time  system  maintenance  to 
increase  performance  and  reliability. 

Gain  IT  staff  time  for  more  important  projects 

Crashes  and  system  freezes;  slow  boot  times  and  boot 
failures;  slow  back  up  times  and  aborted  backup;  file 
corruption  and  data  loss;  hard  drive  failures  all  waste 
valuable  IT  staff  time.  Handle  the  major  cause  of  these 
problems  automatically  and  use  these  freed-up  IT  staff 
for  key  business  projects. 

Increase  stability  of  new  implementations 

Having  gone  live  and  implemented  a  new  project,  it 
would  be  a  shame  to  have  it  be  slow  and  sluggish  with 
resulting  user  complaints!  Keep  new  implementations 
running  at  peak  performance  -  automatically. 

Improve  customer  service  and  support  -  globally 

"Service"  is  the  watchword  for  any  successful  company. 
Thus  anything  that  keeps  a  customer  waiting  or  un¬ 
serviced  can  be  a  death  sentence  for  a  business.  Increasing 
server  uptime  improves  service  to  a  customer.  Keep 
servers  performing  at  peak  and  reliably  automatically. 


Take  some  much  needed  planning  time 

With  customers  happier,  users  more  productive,  the  IT 
department  humming  along  with  increased  efficiency, 
use  this  "bought  time"  to  plan  -  collaborate  more  with 
the  business  side  on  what  IT  can  do  to  improve  business. 

Diskeeper®  2007 

Maximizing  performance  and  reliability  -  Automatically 

With  Diskeeper  installed  systems  run  better  -  period! 
Slows  disappear,  crashes  and  hangs  are  a  thing  of  the 
past,  customers  and  users  are  happier  and  staff  get  more 
done.  And  best  of  all,  performance,  reliability  and  disk 
health  are  all  increased  automatically,  in  real  time  with 
no  drain  on  system  resources.  Diskeeper  uses  innovative 
technology  to  run  undetectable,  in  the  background  and 
keep  your  systems  running  at  peak  24/7. 

Strategically  speaking,  every  system  performing  at  peak  is 
the  basic  building  block  from  which  to  enable  business 
growth  -  Diskeeper  installed  company-wide  provides  this. 

Do  you  have  Diskeeper? 

Chances  are  likely  that  you  have  Diskeeper  installed  on 
at  least  some  of  the  systems  within  your  company. 
These  desktops,  laptops  and/or  servers  are  being 
maintained  at  peak  performance  and  reliability  -  all 
automatically,  quietly  and  with  no  intervention 
required  from  users  or  IT  staffers. 

Contact  your  IT  Director  and  find  out  if  you  have 
Diskeeper  (if  not  he  can  download  a  free  trial  at 
www.diskeeper.com/cio3).  Ask  "Why  isn't  Diskeeper 
on  every  system?"  If  he  is  on-the-ball,  he'll  say  "we  are 
on  to  it  right  away!" 


For  more  info  or  for  full  technical  white  papers  visit: 

www.diskeeper.com/cioresources 


Maximum  System  Performance  and  Reliability  —  Automatically ™ 


Volume  licensing  and  Government/ Education  discounts 
are  available  from  your  favorite  reseller  or  call 
800-829-6468  code  9261 


©  2007  Diskeeper  Corporation.  All  Rights  Reserved.  Diskeeper,  the  Diskeeper  Corporation  logo  and  Maximum  System  Performance  and 
Reliability  —  Automatically  are  either  registered  trademarks  or  trademarks  of  Diskeeper  Corporation  in  the  United  States  and/or  other 
countries.  Diskeeper  Corporation,  7590  N.  Glenoaks  Blvd.,  Burbank,  CA  91504 


View  from  the  Top 


planning,  order  fulfillment,  procurement, 
and  financial  accounting  processes.  Dail 
says  it  has  allowed  DLA  to  fulfill  most 
orders  more  quickly  and  more  accurately. 

But  to  Dail,  a  new  ERP  system  could 
only  be  as  good  as  the  business  model 
it  supported.  The  early  years  of  the  Iraq 
War  demonstrated  that  the  agency’s  tra¬ 
ditional  model  of  pushing  supplies  to  the 
field  from  central  locations  didn’t  work 
as  well  as  it  should.  Delivering  the  goods 
still  took  too  long,  and  sometimes  there 
were  severe  supply  shortages. 

So  Dail  is  on  a  mission  to  use  that 
ERP  system  to  turn  DLA  into  a  demand- 
driven  organization  that  pushes  supplies 
directly  to  the  troops  on  the  front  lines. 
His  model  is  FedEx,  delivering  orders 
within  days  and  allowing  customers  to 
track  them  online.  Being  on  the  front 
lines  also  means  the  agency  has  to  be 
able  to  get  where  the  action  is— quickly. 
Therefore,  this  summer,  Dail  plans 
to  further  test  and  implement  a  wire¬ 
less  supply  chain  system  that  can  be 
deployed  anywhere  in  the  world  and  be 
online  within  hours. 

“The  world  requires  that  we  buy 
things  and  deliver  them  when  the 


[troops]  need  them.  So,  information 
becomes  very  critical,”  Dail  says.  That 
means  accurately  forecasting  soldiers’ 
future  demand  for  items  such  as  medical 
supplies,  spare  parts,  food  or  clothing, 
and  being  able  to  get  those  items  out  fast. 

Dail  spoke  with  CIO  Washington 
Bureau  Chief  Allan  Holmes  about  how 
he  expects  IT  to  be  a  major  driver  in  the 
transformation  of  DLA  into  a  customer- 
driven  supply  chain  organization. 

CIO:  What  experiences  molded  your  view 
that  IT  is  a  key  ingredient  in  forming  the 
strategy  of  an  organization? 

Lt.  Gen.  Robert  Dail:  My  assignment 
before  coming  here  was  as  the  deputy 
commander  of  the  U.S.  Transporta¬ 
tion  Command  and  before  that  as  the 
command’s  chief  operating  officer.  Our 
mission  was  to  move  America’s  military 
all  over  the  planet.  We  had  the  planes,  we 
had  the  ships,  but  the  thing  that  connected 
it  all  together,  the  thing  that  allowed  us  to 
control  [where  to  send  the  transportation], 
was  information  technology. 

When  I  got  here,  I  found  an  agency 
that  had  taken  four  years  to  develop  an 
ERP  solution  to  improve  its  business 


W 


Howdolmove 
the  agency  from  an 
entity  that  manages 
suppliers  atthewhole- 
sa  e  level  to  an  agency 
that  links  supply 
and  demand  where 
my  customers  are 
located?” 


-Lt.  Gen.  Robert  Dail 


Defense  Logistics  Agency 

Headquarters:  Fort  Belvoir,  Va. 

Primary  business:  Distribution  of 
military  supplies 

Budget:  $34.3  billion 

Employees:  more  than  20,000 

CIO:  Mae  De  Vincentis 

IT  budget:  $712.3  million 

IT  employees:  1,500 


capabilities.  Before,  we  had  a  system 
that  allowed  us  to  buy  supplies  and  put 
them  in  a  warehouse.  The  focus  was  on 
order  fulfillment. 

But  I  found  myself  asking,  Now  that 
we  have  this  capability  that  moves  us 
from  just  buying  [supplies]  to  supply 
chain  management,  how  do  I  move  the 
agency  from  an  entity  that  manages  sup¬ 
pliers  at  the  wholesale  level  to  an  agency 
that  links  supply  and  demand  where  my 
customers  are  located? 

We  have  to  move  from  Philadelphia, 
Richmond  and  Columbus  [out  to]  the 
Air  Force  bases,  Marine  Corps  camps 
and  Naval  bases.  We  have  to  oper¬ 
ate  where  the  troops  are.  When  we 
get  the  supply  directly  to  the  military 
customer,  we  reduce  the  need  for  ware¬ 
housing  and  military  transport.  Then 
we  will  significantly  reduce  customer 
wait  time  and  the  costs  to  ship  and  store 
supplies,  and  significantly  increase  our 
customers’  satisfaction. 

How  do  you  do  that? 

I  think  the  first  thing  that  you  have  to  do 
is  get  out  of  Washington.  I  take  senior 
leaders  out  to  the  field  to  show  them  gaps 
in  the  information  system.  I  went  down  to 
Fort  Jackson,  S.C.,  where  the  army  trains 
new  recruits.  We  found  that  uniforms 
and  other  equipment  that  we  supply  to 
the  recruits  in  their  clothing  bags  were 
missing  items.  [The  officers  there]  didn’t 
have  the  capability  to  input  that  informa¬ 
tion  into  the  system  to  let  us  know. 


56  MARCH  15,  2007  |  www.cio.com 


FILE  EDIT  VIEW  INSERT  FORMAT  PROJECTS  RESOURCES  SCHEDULES  RISKS 

Stay  up  to  the  minute  on  500  projects 
with  7,000  team  members  in  6  countries. 


I  have  the  solution. 


That’s  no  problem. 


I’m  connected. 


Run  Primavera  ► 


When  assignments  seem 
impossible,  turn  to  the  leader 
in  project,  resource  and 
portfolio  management. 


Primavera  has  revolutionized  the  way  companies 
manage  their  businesses.  We  give  companies  of  all 
types  and  sizes  the  expertise  to  achieve  excellence  in 
managing  projects,  resources  and  portfolios  in  a  way  that 
helps  them  deliver  measurable  results.  And  that  means 
increased  profit. 


Find  out  why  Primavera  was  named  a  Project  Portfolio 
Management  Market  Leader  by  a  leading  independent 
analyst  firm.  Visit  www.primavera.com/leader  today! 


PRIMAVERA 

Business  solution*  (or  a  project-driven  world™ 


ENGINEERING  &  CONSTRUCTION  •  PROFESSIONAL  SERVICES  •  POWER.  ENERGY  &  PROCESS  •  HIGH  TECHTTELECOM  •  PUBLIC  SECTOR  •  AEROSPACE  &  DEFENSE  •  FINANCIAL  SERVICES  primavera.COm 


The  CIO 
Pocket  MBA 

April  23-27, 2007 


Boston  University's  Executive  Leadership  Center 
Boston  University  School  of  Management 

For  complete  program  details  visit 
management.bu.edu/exec/elc/ciopocket 


t 


Sessions 
Presented  By 


A  Commitment  to  Excellence 

A  New  Era  In  Collaboration 

World-Class  Education  with 
Real  World  Application 


Boston  University  Scholars: 

N.  Venkat  Venkatraman 

and 

John  C.  Henderson 

and  other  distinguished  faculty 


Get  the  CIO  Pocket  MBA  Advantage 


•  Curriculum  developed  and  presented  by  world-renowned  thought 
leaders  from  Boston  University  and  in  cooperation  with  CIO  magazine 

•  Learn  best  practices  from  top  global  companies — learn  from  their 
successes  in  creating  value  through  information  systems 

•  Identify,  weigh  and  communicate  the  strategic  competitive 
advantages  shaping  information  technology  today 


Topics  to  include: 

•  Alignment  in  the  21st  Century:  A  New  Model  for  Innovation 

•  Strategy:  Setting  the  IT  Strategic  Direction 

•  Transformation  in  the  Network  Era: 

Opportunities  and  Challenges 

•  Implementation:  Building  a  Strategy  for  Getting  Things  Done 
•Business  Finance  for  IT 


Register  now  as  space  is  limited! 

management.bu.edu/exec/elc/ciopocket 
Or  contact  us  directly  at: 

Phone:617-353-4248 
Email:  elc@management.bu.edu 

The  early  registration  discount  rate  for  this  program  is  $4,245 
if  you  register  before  March  23rd.  After  March  23rd  the 
registration  rate  for  this  course  is  $4,995. 

Boston  University  Executive  Leadership  Center 
595  Commonwealth  Avenue 
Boston,  MA  02215 

Accommodations: 

Hotel  Commonwealth 
500  Commonwealth  Avenue 
Boston,  MA  02215 


Business 

Technology 

Leadership 


www.cio.com/conferences 


View  from  the  Top 


Customers 
are  interested  in 
when  they  receive 
their  shipments 

ratherthan  whether 

wecutashipping 

document.” 

-Lt.  Gen.  Robert  Dail 


We’ve  [provided]  that  now,  and  in  the 
past  two  or  three  months  we’ve  seen  the 
fill  rates  for  the  clothing  bags  dramati¬ 
cally  improve. 

What  kind  of  culture  shift  does  your  new 
business  model  require,  and  how  do  you 
manage  that? 

In  the  past,  we  measured  our  performance 
against  how  much  we  were  buying,  against 
some  historically  based  demand.  A  major 
measure  of  customer  satisfaction  was 
whether  we  were  able  to  immediately  ful¬ 
fill  an  order,  with  no  regard  to  the  timeli¬ 
ness  of  [shipping]  the  order. 

Our  new  [metric]  measures  our  ability 
to  ship  in  a  matter  of  days.  Customers 
are  interested  in  when  they  receive  their 
shipments  rather  than  whether  we  cut  a 
shipping  document. 

Making  this  change  is  tremendously 
exhausting.  As  the  director  of  DLA,  I 
take  on  the  responsibility  of  being  the 
champion  for  changes  and  communicat¬ 
ing  them  to  the  workforce.  That  involves 
frequent  travel  and  one-on-one  visits 
with  our  workforce  around  the  world. 
The  workforce  wants  to  hear  about 
changes  from  their  top  leadership,  and 
they  want  to  comprehend  what  it  is 
we’re  trying  to  accomplish  before  we 
expend  time  and  effort  to  incorporate 
these  changes. 

How  do  you  communicate  to  the  CIO  and 
IT  department  the  changes  you  want? 

During  the  holidays  I  visited  all  of  our 
locations  in  Afghanistan,  Iraq,  Kuwait 
and  Qatar,  where  we  have  small  teams 
of  DLA  professionals.  They’re  operat¬ 
ing  primarily  on  e-mail  and  telephones, 
gathering  [orders]  and  feeding  them 
back  to  the  United  States.  In  every  one 
of  those  locations,  the  people  asked  me, 
“Could  you  forward  deploy  our  ERP 
solution  so  I  can  buy  [directly]?” 

I  came  back  and  told  Mae  De  Vin- 
centis,  our  CIO,  that  our  accuracy,  our 
performance,  our  responsiveness  has  to 
improve  because  our  workforce  wants 
us  to  respond  better.  Nobody  in  the  field 
talked  to  me  about  larger  [troop  size]; 
nobody  talked  to  me  about  smaller.  They 
talked  to  me  about  better. 


Mae  has  to  continually  remind  her 
people  that  their  job  is  not  about  devel¬ 
oping  a  capability.  It  is  about  using  that 
capability.  Over  the  next  year  or  so,  I 
will  continue  to  focus  on  not  just  fielding 
ERP  but  convincing  my  workforce  that 
this  will  allow  them  to  think  differently 
about  how  they’re  going  to  support  [the 
troops].  They’re  not  going  to  sit  in  their 
traditional  locations.  This  is  going  to 
allow  them  to  move  to  where  our  [troops] 
are  and  provide  better  support. 

Providing  wider  ERP  access  makes  it 
harder  to  keep  the  system  secure.  Few 
non-IT  executives  make  improving  secu¬ 
rity  a  priority,  but  you  have.  Why? 

One  thing  you  get  when  you  go  out 
to  where  our  people  are  operating  is 
a  constant  reminder  that  we’ve  got  to 
protect  information.  I  monitor  our  per¬ 
formance,  and  so  do  my  partners  [who 
include  the  U.S.  Transportation  Com¬ 
mand  and  the  military  services].  I  track 
and  improve  performance  through 
training  and  through  systems  capability 
and  through  new  development.  Then  I 
take  those  lessons  and  I  roll  them  into 


What  the  Boss  Wants 


Learn  more  about  WHAT  CEOs  WANT  FROM 
I.T.  online  at  www.cio.com/031507. 

cio.com 


our  new  development  of  information 
assurance  and  metrics. 

And  so  it’s  a  constant  cycle  of  moni¬ 
toring  your  own  performance  and  then 
working  that  back  into  new  develop¬ 
ment,  training  and  capability. 

Why  have  you  ordered  the  IT  department 
to  focus  on  wireless  technology? 

The  purpose  of  our  IT  shop  is  to  enable 
our  people  to  link  demand  to  our  sup¬ 
ply  capability.  Wireless  will  become 
more  critical.  I’m  not  just  talking  about 
war-fighting  operations.  I’m  also  talking 
about  support  in  natural  disasters  and 
humanitarian  relief.  As  soon  as  the  first 
planes  land,  we’ll  be  plugged  in. 

One  of  my  initiatives  this  year  will  be  to 
demonstrate  how  we  can  take  all  the  sys¬ 
tems  in  the  distribution  center  in  New  Cum¬ 
berland,  Pa.,  one  of  our  largest  distribution 
centers  in  America,  and  deploy  those 
people  and  IT  on  a  training  exercise  7,000 
miles  away  using  wireless  with  assured 
security— and  operate  immediately. 

The  Defense  Logistics  Agency  cannot 
do  its  mission  in  the  future  if  it  does  not 
focus  on  moving  information  so  that  we 
can  get  the  right  item  to  our  troops  on 
the  ground.  BE] 


Allan  Holmes  writes  frequently  about  govern¬ 
ment  issues.  To  comment  on  this  story,  go  to  the 
online  version  at  www.cio.com/031507. 


60  MARCH  15,  2007  |  www.cio.com 


SunGard  provides  uncommonly  strong  techniques  to 
keep  your  IT  systems  available.  You’re  always  in  control, 
with  a  broad  range  of  hosting  and  recovery  services  at 
your  command.  You’re  always  confident,  because 
SunGard’s  extensive  redundancy,  highly  experienced 
people,  and  100%  recovery  success  rate  are  working 
in  your  favor. 

With  access  to  some  of  the  industry’s  most  extensive 
IT  resources,  you’re  able  to  achieve  precise  levels  of 
Information  Availability  across  the  enterprise.  Prioritize 
the  availability  of  each  critical  application — from  “always 


on”  to  advanced  recovery — while  knowing  that  your 
solution  can  seamlessly  scale  as  your  business  evolves. 
To  the  exact  degree  you  demand.  At  the  exact  time 
you  need  it. 

You  set  the  levels,  we’ll  do  the  rest.  SunGard  keeps 
you  in  control  with  a  more  precise  approach  to 
Information  Availability. 

SUNGARD®  K7,7  Peo?le 

^  wi*  mm  and  Information 

Availability  Services  Connected: 


CIO 


SALES  AND  SERVICES 


CIO  SALES  OFFICES 
President  and  CEO 

Michael  Friedenberg 
508  935-4310 

Publisher 

Gary  J.  Beach 
508  935-4202 

VP,  National  Associate 
Publisher 

Bob  Melk  •  415  975-2685 
Sales  Operations  Manager 

Dawn  Cora 
508  935-4092 
Fax  •  508  879-6063 

EAST  COAST 

Regional  Sales  Director 

Brian  Glynn 
508  935-4586 
Regional  Sales  Manager 
Ellie  St.  Louis 
201 634-2332 
Senior  Sales  Associate 
Norma  Tamburrino 
201 634-2329 
Fax  •  201 634-9513 

NORTH  CENTRAL/ 
SOUTHWEST/SOUTHEAST 

Regional  Sales  Manager 

Beth  DeVillez 
773  334-8005 

Sales  Associate,  EP/Sales 

Nicole  Blackburn 
508  935-4154 

SOUTHERN  CALIFORNIA 

Regional  Sales  Manager 

Kevin  Ebmeyer 
415  975-2684 


WEST  COAST 

Senior  Regional  Sales  Manager 

Ai  Collins -415  975-2686 

Regional  Sales  Manager 

Kevin  Ebmeyer 
415  975-2684 

Account  Executive 

Derek  Jung 
415  975-2683 
Fax  •  415  543-2358 


INTEGRATED  MEDIA  AND 
ONLINE  SALES 
Online  Regional  Sales 
Manager 

Tina  Dudarevitch 
718  279-2396 
Lori  Kehoe 
415  978-3329 

Online  District  Sales  Manager 

Sara  Mascall 
415  978-3385 

Manager,  Online  Account 
Services 

Danielle  Tetreault 
508  988-7969 

Online  Account  Services 
Specialist 

Valerie  Sumner 
508  988-7877 

Online  Advertising  Specialist 

Irina  Gabechiia 
508  935-4414 

Online  Ad  Sales  Associate 

Devon  Slattery 
415  975-2687 


Online  Account  Services 
Coordinator 

FHayley  Nickerson 
508  988-7819 


CUSTOM  SOLUTIONS 

GROUP 

Vice  President 

Matt  Avery 
508  935-4796 

Director  of  Sales 

Mary  Gregory 
508  988-6765 

Executive  Editor 
Tom  Field 
Managing  Editor 
Jim  Malone 
Associate  Editor 
Anne  Taylor 

Senior  Project  Manager 

Amy  Greenleaf 

Project  Managers 

Karen  Capland, 

Amy  Freeman 

LIST  SERVICES 

Contact  Paul  Capone  of  IDG 
List  Services  at  508  370-0865 
or  pcapone@idglist.com. 

REPRINT  SERVICES 

For  article  reprints  (100  quan¬ 
tity  or  more),  please  contact 
Keith  Williams  at  PARS  Inter¬ 
national  at  212  221-9595  x319 
or  via  e-mail  at  keith.williams@ 
parsintl.com. 


CIO  is  published  in  the 
U.S.  as  well  as  in: 

Australia,  CIO  Australia 

www.idg.com.au 

Canada,  CIO  Canada 

cio.itworldcanada.com 

China,  CEO  &  CIO  China 

www.ceocio.com.cn 

France,  CIO  France 

www.idg.fr/cio 

Germany,  CIO  Germany 

www.cio.de 

India,  CIO  India 

91-80-521-0309/12 

Japan,  CIO  Japan 

www.idg.co.jp 

The  Netherlands, 

CIO  Netherlands 
www.cio.nl 

New  Zealand,  CIO  New  Zealand 
www.idg.co.nz 

Norway,  CIO  Business  Standard 
www.business-standard.no 
Poland,  CXO  Poland 
www.cxo.pl 

Singapore,  CIO  ACEN/ 
Plong-Kong  www.idg.com.sg 
South  Korea,  CIO  Korea 
www.cio.seoul.kr 
Sweden,  CIO  Sweden 
www.cio.idg.se 

For  further  sales  information: 

www2.cio.com/marketing/ 

aboutcio/contacts.cfm 


INDEX  OF  COMPANIES  AND  ADVERTISERS 


Page  numbers  refer  to  the  first  page  of  the  article(s)  in  which  the  company  has  a  substantial  mention. 

This  index  is  provided  as  a  service  to  readers.  The  publisher  does  not  assume  any  liability  for  errors  or  omissions. 


COMPANY  INDEX 

Accenture . 21, 36 

American  Express  Co . 13 

American  Power  Conversion  Corp . 13 

Anheuser-Busch  Companies  Inc . 13 

Arup  Group  . 21 

Ashland . 36 

Automatic  Data  Processing  Inc . 36 

Autonomy . 21 

BearingPoint  Inc . 28 

Capital  One  Services  Inc . 13, 32 

Cartesis . 36 

Caterpillar . 36 

Chevron  Corp . 8 

Convera  Inc . 21 

Coveo  Solutions  Inc . 21 

Craigslist  Inc . 13 

Decision  Critical  Inc . 21 

Dow  Chemical  Co.,  The  . 36 

E.&J.  Gallo  Winery . 13 

eBay  . 13 

Endeca  Technologies  Inc . 21 

FAST . 21 

Foote  Partners  LLC . 46 

Forrester  Research  Inc . 21, 46 

Freescale  Inc . 36 

Gartner  Inc . 21,46 

General  Electric  Corp . 8 

Genworth  Financial  Inc . 36 

Google  Inc . 13,21 

FI&R  Block  Inc . 8 

Hackett  Group,  The . 36 

Harrah’s  License  Co.  LLC . 13 

Harris  Corp . 21 

Plarvey  Nash  Group  Pic . 46 

Holly  Corp . 13 


HP  Development  Co.  L.P. . 13 

Pludson  IT  &  Telecommunications . 46 

Flyperion  Solutions  Corp . 36 

IBM  Corp . 13,21 

InQuira  Inc . 21 

Isys  Search  Software  . 21 

Juniper  Networks  Inc . 46 

KPMG  International . 36 

Liberty  Global  Inc . 36 

Loews  Corp . 36 

Logicalis  Group . 36 

McKinsey  &Co . 13 

Microsoft  Corp . 21 

Mohawk  Industries . 36 

Morrison  &  Foerster  LLP . 21 

Mosaic  Co.,  The . 36 

National  Instruments  Corp . 21 

News  Corp . 36 

Nielsen  Norman  Group . 64 

Oracle . 21,36 

Pearson . 36 

Penske  Corp . 46 

PRG-Schultz  International  Inc . 28 

PricewaterhouseCoopers . 36 

Procter  and  Gamble  Company,  The . 8 

Qualcomm  Inc . 36 

Recommind  Inc . 21 

Robert  Half  International  Inc . 46 

Rock-Tenn  Co . 36 

SanDisk  Corp . 8 

Seagate  LLC . 13 

Sears  Holdings  Corp . 36 

Skype  Limited . 13 

Southwest  Airlines  Co . 36 

Starwood  Hotels  &  Resorts  Inc . 28 

Sutter  Health . 28 


United  Technologies . 36 

Viacom  International  Inc . 36 

Vivisimo  Inc . 21 

Yahoo!  Inc . 13,  21 

ZINK  Imaging  LLC . 13 

ZyLAB . 21 

ADVERTISER  INDEX 

Acxiom  Corp . 19 

Alcatel-Lucent . 12 

Atlantic  Canada  Opportunities  Agency  ..45 

Audiovisual  Innovations . 7 

Autonomy  Inc . 23 

BMC  Software  Inc . 31 

Brocade . 11 

CA . C4 

CDWCorp . 35 

Cingular  Wireless . 49 

Cognos  Inc . 29 

CXO  Media  Inc . 25,58,63 

Dell  Inc . 27 

DiskeeperCorp . 55 

Fujitsu  Computer  Systems  Corp . 17 

Hewlett-Packard  Co.  (regional) . 53 

Hewlett-Packard  Co . 5 

Hyperion  Solutions  Corp . C3 

IBM  Corp . 20,40 

IBM  Corp.  (regional) . 58 

Intechra  Inc . 2 

Intel  Corp . 15 

Microsoft  Corp . C2, 24a,  33 

Oracle  Corp . 43 

Primavera  Systems  Inc . 57 

SunGard  Availability  Services  Inc . 61 

Symantec  Corp . 50 


Toshiba  America  Business  Solutions  Inc.  9 


CIO  CONTACT 
INFORMATION 

Editorial,  Advertising  and 
Business  Offices:  CXO  Media 
Inc.,  492  Old  Connecticut  Path, 
P.O.  Box  9208,  Framingham,  MA 
01701-9208,  508  872-0080. 

CIO  (ISSN  0894-9301)  is  pub¬ 
lished  semimonthly  and  as  a 
combined  issue  Dec.  15/Jan.  1  by 
CXO  Media  Inc.  Periodicals  post¬ 
age  paid  at  Framingham,  MA,  and 
at  additional  mailing  offices.  Can¬ 
ada  Publications  Mail  Agreement 
Number  1902075.  CANADIAN 
POSTMASTER:  Please  return 
undeliverable  copy  to  P.O.  Box 
1632,  Windsor,  ON  N9A  7C9. 

Permissions:  Copyright  2007 
by  CXO  Media  Inc.  All  rights 
reserved.  Reproduction  of 
material  appearing  in  CIO 
is  forbidden  without  written 
permission.  Send  all  requests 
to  Yadira  Pizarro,  PARS  Interna¬ 
tional^  221-9595,  Ext.  231, 
oryadira@parsintl.com. 

Photocopy  Rights:  Permission 
to  photocopy  for  internal  or 
personal  use  or  the  internal  or 
personal  use  of  specific  clients  is 
granted  by  CIO  for  users  through 
the  Copyright  Clearance  Center, 
provided  that  a  fee  of  $3.50  per 
copy  of  the  article  is  paid  directly 
to  Copyright  Clearance  Center, 
222  Rosewood  Drive,  Danvers, 

MA  01970.  www.copyright.com. 
Please  specify:  ISSN  0894-9301. 
Permission  to  photocopy  does 
not  extend  to  contributed  articles 
followed  by  this  symbol:  %. 

Subscriptions:  CIO  is  free  to 
qualified  information  executives. 
To  apply,  use  our  online  subscrip¬ 
tion  form  at  www.subscribe 
.cio.com.  Subscriptions  are  also 
available  on  a  paid  basis  at  a  rate 
of  $95  for  the  United  States  and 
Canada,  $195  International  (pay¬ 
able  in  U.S.  funds  only)  and  may 
be  ordered  online  at  www 
.subscribe.cio.com/services 
.html.  Or  address  inquiries  to 
CIO.  P.O.  Box  489,  Northbrook, 

IL  60065-0489;  866  354-1125. 
Please  al  low  four  to  six  weeks  for 
a  new  subscription  to  begin.  The 
single  copy  price  is  $9  for  the 
United  States  and  Canada,  and 
$15  International.  Prepayment  is 
required,  payable  in  U.S.  funds. 

Change  of  Address:  Please  go  to 

www.omeda.com/custsrv/cio 
and  follow  the  online  instructions. 

Postmaster:  Send  change  of 
address  to  CIO,  P.O.  Box  489, 
Northbrook,  I L  60065-9816. 
Printed  intheU.S.A. 


62  MARCH  15,  2007  |  www.cio.com 


r 

call  for  entries 


NOW  YOU  HAVE  A  VOTE  FOR  THE 


Current 
Hall  of  Fame 
Members 

John  Cross 
David  Evans 
Charles  Feld 
Cinda  Hallman 
Max  D.  Hopper 
Katherine  M.  Hudson 


In  1997,  on  the  occasion  of  CIO's 
10th  anniversary,  we  created  the  CIO  Hall 
of  Fame,  honoring  12  men  and  women 
we  believed  to  have  been  the  decade’s 
most  influential  CIOs. 

Now,  as  our  20th  anniversary  approaches, 
we’re  askingfor  your  help  in  identifying 
20  more  men  and  women  to  honor. 


Donald  R.  Lasher 

Bob  L.  Martin 

DuWayne  J.  Peterson 

Ron  J.  Ponder 

Paul  Strassman 

Patricia  Wallington 

Find  the  profiles  of  these 
men  and  women  at  www 

.cio.com/091597/hall.html 

to  see  what  makes  a 
CIO  Hall  of  Famer. 


Presented  by 


Business 

Technology 

Leadership 


This  spring,  we  will  select  the  20  new 
members,  post  their  names  and 
accomplishments  on  our  site  and  profile 
them  in  our  Oct.  1  20th  anniversary  issue. 

The  accomplishments  of  our  honorees 
will  be  significant  and  far-reaching. 

They  will  illuminate  where  IT  has  been 
and  where  it  is  going. 

Back  in  1997,  we  did  this  without  you. 

Now  your  voices  can  be  heard. 

So  let’s  hearthem! 


Deadline:  May  1, 2007 

You  will  find  our  nomination  form  at  www.cio.com/awards/fame 


'hings  I've  Learned 


THE  VOICE  OF  EXPERIENCE 


AS  TOLD  TO  STEPHANIE  GELSTON 


Jakob  Nielsen  is  a 

leading  expert  on  Web 
usability  anda  principal 
of  the  Nielsen  Norman 
Group,  a  business 
design  consultancy. 
When  it  comes  to  Web 
design,  he  believes  less 
is  more  and  is  no  fan  of 
complex  sites  or  flashy 
graphics  that  come 
between  the  user  and 
the  content. 


Users  are  different 
from  developers. 

Anyone  working  on  a  spe¬ 
cific  design  project  knows 
too  much  about  that  sys¬ 
tem  and  its  functionality. 
People  on  the  outside  don’t 
have  this  special  knowl¬ 
edge  and  they  know  less 
about  technology.  There¬ 
fore,  they  will  often  have 
grave  difficulties  using 
something  the  project 
team  thinks  is  “obvious." 
The  only  way  around  this 
conundrum  is  to  do  user 
testing  and  find  out  how 
the  intended  users  behave 
when  using  the  system. 


B2B  websites  are 
much  worse  than 
B2C  sites. 

We  conducted  a  major 
usability  study  of  170  B2B 
sites.  I  was  appalled  at 
what  we  found.  These  sites 
are  difficult  to  navigate 
and  they  rarely  answer 
customers’  questions  in  a 
straightforward  manner.  I 
think  the  reason  B2B  sites 
are  so  bad  is  that  they 
often  don’t  take  orders 
directly  on  the  site.  Thus, 
site  managers  don’t  know 
how  many  customers  they 
are  losing.  In  contrast, 
many  B2C  sites  track  their 
business  value  closely  and 
they  know  that  their  sales 
go  up  immensely  when 
they  make  their  sites  more 
customer-focused. 

Most  Web  2.0 
trends  are  not 
that  important  for 
business  sites. 

They  still  need  to  focus 
on  getting  Web  1.0  right: 
helping  customers  find 
the  products,  describing 
them  in  ways  that  make 
sense  and  making  trans¬ 
actions  more  seamless. 
Blogs  are  certainly  proof 
of  the  basic  argument  of 
usability,  which  is  that 
making  things  easier  will 
increase  their  value. 


I  definitely  want 
to  get  my  hands  on 
Apple's  new  phone. 

But  I  would  be  even  more 
interested  in  getting  a 
Japanese  i-mode  phone, 
l-mode  has  a  lot  of  spe¬ 
cialized  services  designed 
for  mobile,  and  that’s  what 
we  need  for  the  future.  We 
also  need  a  better  screen 
and  a  gesture-based  Ul, 
which  Apple  is  supplying. 
But  without  thousands  of 
vertical  mobile  services, 
the  iPhone  will  not  be 
much  more  than  a  good- 
looking  brick. 

My  pet  peeve? 

Cable  TV  boxes  and  all 
the  other  miserable  user 
interfaces  we  have  to  suf¬ 
fer  in  order  to  operate  a 
home  theater.  Try  to  count 
the  number  of  remotes 
and  buttons  you’re  given 
to  support  the  simple 
task  of  watching  a  movie. 

I  tried:  I  have  239  buttons 
on  the  remotes  for  my 
main  TV  and  its  associ¬ 
ated  boxes.  We  need  a 
user  interface  standard 
for  consumer  electronic 
devices. 


To  comment  on  this  article, 
go  to  www.cio.com/031507. 


RCH  15,  2007  |  www.cio.com 


Leaders  Wanted/CIO  Challenge  Series 


Challenge  #4: 

Deliver  business  intelligence  that  inspires  everyone,  even  your  CEO. 


Solution: 

Hyperion — your  management  system  for  the  global  enterprise. 

Here’s  the  paradox:  If  you  give  every  department  the  Bl  they  want,  nobody 
gets  the  Bl  they  really  need.  So  how  do  you  transform  Bl  into  a  strategic  tool 
that  guides  the  enterprise  at  every  level?  Only  Hyperion®  System™  9  BI+™ 
lets  you  produce,  manage  and  deliver  strategic  Bl  that  integrates  your 
financial  and  operational  data.  The  result:  information-rich  reports  that 
allow  management  to  more  accurately  predict  the  future.  More  insights, 
fewer  reports.  Isn’t  that  what  smart  Bl  is  all  about? 


FIND  OUT  HOW  TO  PUT  THE  BUSINESS 
IN  BUSINESS  INTELLIGENCE. 

Co  to  http://smartbi.hyperion.com 

#  Hyperion 

The  future  in  sight 


©  2007  Hyperion  Solutions  Corporation.  All  rights  reserved.  “Hyperion,"  the  Hyperion  logo,  and  Hyperion's  product  names  are  trademarks  of  Hyperion.  References  to  other  companies  and  their 
products  use  trademarks  owned  by  the  respective  companies  and  are  for  reference  purpose  only. 


patturord 


[TTkTrMig* 


IF 

9*S 

3 

Iff 

a 

Why  can  she  see  everyone's  salary,  but  can't 
confirm  her  vendor's  payment? 

Keep  information  secure  with  Identity  and  Access  Management  (1AM)  solutions  from  CA.  Hold  on.  Employees  with 
access  to  information  they  should  never  see?  And  no  access  to  the  information  they  need  to  do  their  job?  When  you're 
adding  employees  and  changing  their  responsibilities,  it's  bound  to  happen.  Unless  you  have  Identity  and  Access 
Management  solutions  from  CA.  Our  industry-leading  1AM  gives  you  enterprise-wide  security  and  control. 

It's  what's  made  CA  the  IDC  worldwide  market  leader  in  1AM  six  years  running,  since  1999.*  How'd  we  do  that?  Well,  we're 
looking  at  IT  from  a  whole  new  perspective.  It's  unified  and  simplified,  it's  security  without  question.  And  it's  all  at  ca.com/iam. 


ca 


*  IDC,  Worldwide  Hardware  Authentication  and  Identity  and  Access  Management 
2005  Vendor  Shares,  Doc  #203296,  Sep  2006. 

Copyright  ©  2007  CA.  All  rights  reserved. 


Transforming 
IT  Management 


